How it Works
SMC Networks
Loading...
6624GSSC
Management Manual
388 pgs3.13 Mb0

SMC Networks SMC6624M, 6624FMST, 6624GLSC, 6624GSSC, 6624GT Management Manual

...
Download
Page 1
Stackable Fast Ethernet Switch
24 10BASE-T/100BASE-TX RJ-45 ports
Auto MDI/MDI-X support on all ports
Optional 100BASE-FX or 1000BASE-X modules
Optional stack module for linking up to 16 units
8.8 Gbps of aggregate switch bandwidth
LACP port trunking support
Port mirroring for non-intrusive analysis
Full support for IEEE 802.1Q VLANs with GVRP
IP Multicasting with IGMP Snooping
Manageable via console, Web, SNMP/RMON
TigerStack II 10/100
Management Guide
SMC6624M
Page 2
Page 3
6 Hughes Irvine, CA 92618 Phone: (949) 707-2400
TigerStack II 10/100 Management Guide
From SMC’s Tiger line of feature-rich workgroup LAN solutions
October 2001
Pub. # 150000008200A R01
Page 4
Information furnished by SMC Networks, Inc. (SMC) is believed to be accurate and reliable. However, no responsibility is assumed by SMC for its use, nor for any infringements of patents or other rights of third parties which may result from its use. No license is granted by implication or otherwise under any patent or patent rights of SMC. SMC reserves the right to change specifications at any time without notice.
Copyright © 2001 by
SMC Networks, Inc.
6 Hughes
Irvine, CA 92618
All rights reserved. Printed in Taiwan
Trademarks:
SMC is a registered trademark; and EZ Switch, TigerStack and TigerSwitch are trademarks of SMC Networks, Inc. Other product and company names are trademarks or registered trademarks of their respective holders.
Page 5
i
L
IMITED
W
ARRANTY
Limited Warranty Statement: SMC Networks, Inc. (“SMC”) warrants its products to be free from defects in workmanship and materials, under normal use and service, for the applicable warranty term. All SMC products carry a standard 90-day limited warranty from the date of purchase from SMC or its Authorized Reseller. SMC may, at its own discretion, repair or replace any product not operating as warranted with a similar or functionally equivalent product, during the applicable warranty term. SMC will endeavor to repair or replace any product returned under warranty within 30 days of receipt of the product.
The standard limited warranty can be upgraded to a Limited Lifetime* warranty by registering new products within 30 days of purchase from SMC or its Authorized Reseller. Registration can be accomplished via the enclosed product registration card or online via the SMC web site. Failure to register will not affect the standard limited warranty. The Limited Lifetime warranty covers a product during the Life of that Product, which is defined as the period of time during which the product is an “Active” SMC product. A product is considered to be “Active” while it is listed on the current SMC price list. As new technologies emerge, older technologies become obsolete and SMC will, at its discretion, replace an older product in its product line with one that incorporates these newer technologies. At that point, the obsolete product is discontinued and is no longer an “Active” SMC product. A list of discontinued products with their respective dates of discontinuance can be found at:
http://www.smc.com/smc/pages_html/support.html.
All products that are replaced become the property of SMC. Replacement products may be either new or reconditioned. Any replaced or repaired product carries either a 30-day limited warranty or the remainder of the initial warranty, whichever is longer. SMC is not responsible for any custom software or firmware, configuration information, or memory data of Customer contained in, stored on, or integrated with any products returned to SMC pursuant to any warranty. Products returned to SMC should have any customer-installed accessory or add-on components, such as expansion modules, removed prior to returning the product for replacement. SMC is not responsible for these items if they are returned with the product.
Customers must contact SMC for a Return Material Authorization number prior to returning any product to SMC. Proof of purchase may be required. Any product returned to SMC without a valid Return Material Authorization (RMA) number clearly marked on the outside of the package will be returned to customers at customer’s expense. For warranty claims within North America, please call our toll-free customer support number at (800) 762-4968. Customers are responsible for all shipping charges from their facility to SMC. SMC is responsible for return shipping charges from SMC to customer.
WARRANTIES EXCLUSIVE: IF AN SMC PRODUCT DOES NOT OPERATE AS WARRANTED ABOVE, CUSTOMER’S SOLE REMEDY SHALL BE REPAIR OR REPLACEMENT OF THE PRODUCT IN QUESTION, AT SMC’S OPTION. THE FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ALL OTHER WARRANTIES OR CONDITIONS, EXPRESS OR IMPLIED, EITHER IN FACT OR BY OPERATION OF LAW, STATUTORY OR OTHERWISE, INCLUDING WARRANTIES OR CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. SMC NEITHER ASSUMES NOR AUTHORIZES ANY OTHER PERSON TO ASSUME FOR IT ANY OTHER LIABILITY IN CONNECTION WITH THE SALE, INSTALLATION, MAINTENANCE OR USE OF ITS PRODUCTS. SMC SHALL NOT BE LIABLE UNDER THIS WARRANTY IF ITS TESTING AND EXAMINATION DISCLOSE THE ALLEGED DEFECT IN THE PRODUCT DOES NOT EXIST OR WAS CAUSED BY CUSTOMER’S OR ANY THIRD PERSON’S MISUSE, NEGLECT, IMPROPER INSTALLATION OR TESTING, UNAUTHORIZED ATTEMPTS TO REPAIR, OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE, OR BY ACCIDENT, FIRE, LIGHTNING, OR OTHER HAZARD.
LIMITATION OF LIABILITY: IN NO EVENT, WHETHER BASED IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), SHALL SMC BE LIABLE FOR INCIDENTAL, CONSEQUENTIAL, INDIRECT, SPECIAL, OR PUNITIVE DAMAGES OF ANY KIND, OR FOR LOSS OF REVENUE, LOSS OF BUSINESS, OR OTHER FINANCIAL LOSS ARISING OUT OF OR IN CONNECTION WITH THE SALE, INSTALLATION,
Page 6
L
IMITED WARRANTY
ii
MAINTENANCE, USE, PERFORMANCE, FAILURE, OR INTERRUPTION OF ITS PRODUCTS, EVEN IF SMC OR ITS AUTHORIZED RESELLER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES OR THE LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES FOR CONSUMER PRODUCTS, SO THE ABOVE LIMITATIONS AND EXCLUSIONS MAY NOT APPLY TO YOU. THIS WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS, WHICH MAY VARY FROM STATE TO STATE. NOTHING IN THIS WARRANTY SHALL BE TAKEN TO AFFECT YOUR STATUTORY RIGHTS.
* SMC will provide warranty service for one year following discontinuance from the active SMC price list. Under the limited lifetime warranty, internal and external power supplies, fans, and cables are covered by a standard one-year warranty from date of purchase.
SMC Networks, Inc.
6 Hughes
Irvine, CA 92618
Page 7
iii
Contents
Contents
1 Selecting a Management Interface
Understanding Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . 1-1
Advantages of Using the Menu Interface . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Advantages of Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
CLI Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
Advantages of Using the Web Browser Interface . . . . . . . . . . . . . . . . 1-4
2 Using the Menu Interface
Starting and Ending a Menu Session . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2
How To Start a Menu Interface Session . . . . . . . . . . . . . . . . . . . . . . . . . 2-3
How To End a Menu Session and Exit from the Console: . . . . . . . . . . 2-4
Main Menu Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6
Screen Structure and Navigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8
Rebooting the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11
Menu Features List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-13
Where To Go From Here . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-14
3 Using the Command Line Interface (CLI)
Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1
Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1
Privilege Levels at Logon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2
Privilege Level Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3
Operator Privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3
Manager Privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4
How To Move Between Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6
Listing Commands and Command Options . . . . . . . . . . . . . . . . . . . . . . 3-7
Listing Commands Available at Any Privilege Level . . . . . . . . . . . 3-7
Command Option Displays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9
Displaying CLI “Help” . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-10
Configuration Commands and the Context Configuration Modes . . 3-12
Page 8
iv
Contents
CLI Control and Editing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-15
4 Using the Web Browser Interface
General Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2
Web Browser Interface Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
Starting a Web Browser Interface Session with the Switch . . . . . . 4-4
Using a Standalone Web Browser in a PC or UNIX Workstation . . . . 4-4
Tasks for Your First Web Browser Interface Session . . . . . . . . . . . . 4-6
Viewing the “First Time Install” Window . . . . . . . . . . . . . . . . . . . . . . . . 4-6
Creating User Names and Passwords in the Browser Interface . . . . . 4-7
Using the Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-8
Using the User Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-9
If You Lose a Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-9
Support/Mgmt URL Feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-10
Support URL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-10
Status Reporting Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11
The Overview Window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11
The Port Utilization and Status Displays . . . . . . . . . . . . . . . . . . . . . . . 4-12
Port Utilization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-12
Port Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14
The Alert Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15
Sorting the Alert Log Entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15
Alert Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16
Viewing Detail Views of Alert Log Entries . . . . . . . . . . . . . . . . . . 4-17
The Status Bar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-17
5 Configuring IP Addressing, Time Synchronization,
Interface Access, and System Information
IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
Just Want a Quick Start? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3
IP Addressing with Multiple VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3
IP Addressing in a Stacking Environment . . . . . . . . . . . . . . . . . . . . . . . 5-4
Menu: Configuring IP Address, Gateway, and Time-To-Live (TTL) . . 5-4
CLI: Configuring IP Address, Gateway, and Time-To-Live (TTL) . . . . 5-6
Web: Configuring IP Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-8
Page 9
v
Contents
How IP Addressing Affects Switch Operation . . . . . . . . . . . . . . . . . . . . 5-8
DHCP/Bootp Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-9
Network Preparations for Configuring DHCP/Bootp . . . . . . . . . 5-12
Globally Assigned IP Network Addresses . . . . . . . . . . . . . . . . . . . . . . 5-13
Time Synchronization Protocol Options . . . . . . . . . . . . . . . . . . . . . . . 5-14
TimeP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-14
SNTP Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-14
Overview: Selecting a Time Synchronization Protocol or Turning Off
Time Protocol Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-15
General Steps for Running a Time Protocol on the Switch: . . . . 5-15
Disabling Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . 5-15
SNTP: Viewing, Selecting, and Configuring . . . . . . . . . . . . . . . . . . . . . 5-16
Menu: Viewing and Configuring SNTP . . . . . . . . . . . . . . . . . . . . . 5-17
CLI: Viewing and Configuring SNTP . . . . . . . . . . . . . . . . . . . . . . . 5-19
TimeP: Viewing, Selecting, and Configuring . . . . . . . . . . . . . . . . . . . . 5-25
Menu: Viewing and Configuring TimeP . . . . . . . . . . . . . . . . . . . . . 5-25
CLI: Viewing and Configuring TimeP . . . . . . . . . . . . . . . . . . . . . . 5-27
SNTP Unicast Time Polling with Multiple SNTP Servers . . . . . . . . . 5-32
Address Prioritization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-32
Adding and Deleting SNTP Server Addresses . . . . . . . . . . . . . . . 5-33
Menu Interface Operation with Multiple SNTP Server Addresses
Configured . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-34
SNTP Messages in the Event Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-34
Interface Access: Console/Serial Link, Web, and Inbound Telnet 5-35
Menu: Modifying the Interface Access . . . . . . . . . . . . . . . . . . . . . . . . . 5-36
CLI: Modifying the Interface Access . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-37
System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-40
Menu: Viewing and Configuring System Information . . . . . . . . . . . . . 5-41
CLI: Viewing and Configuring System Information . . . . . . . . . . . . . . 5-42
Web: Configuring System Parameters . . . . . . . . . . . . . . . . . . . . . . . . . 5-44
6 Optimizing Port Usage Through Traffic Control and Port
Trunking
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1
Viewing Port Status and Configuring Port Parameters . . . . . . . . . . . 6-1
Menu: Viewing Port Status and Configuring Port Parameters . . . . . . 6-4
CLI: Viewing Port Status and Configuring Port Parameters . . . . . . . . 6-5
Page 10
vi
Contents
Web: Viewing Port Status and Configuring Port Parameters . . . . . . . 6-8
Port Trunking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-9
SMC6624M Port Trunk Features and Operation . . . . . . . . . . . . . . . . . 6-10
Trunk Configuration Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-11
Menu: Viewing and Configuring a Static Trunk Group . . . . . . . . . . . . 6-15
Check the Event Log (page 11-10) to verify that the trunked
ports are operating properly. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-17
CLI: Viewing and Configuring a Static or Dynamic Port
Trunk Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-17
Using the CLI To View Port Trunks . . . . . . . . . . . . . . . . . . . . . . . . 6-17
Using the CLI To Configure a Static or Dynamic Trunk Group . 6-19
Web: Viewing Existing Port Trunk Groups . . . . . . . . . . . . . . . . . . . . . 6-22
Trunk Group Operation Using LACP . . . . . . . . . . . . . . . . . . . . . . . . . . 6-23
Default Port Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-24
LACP Notes and Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-25
Trunk Group Operation Using the “Trunk” Option . . . . . . . . . . . . . . . 6-26
How the Switch Lists Trunk Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-27
Outbound Traffic Distribution Across Trunked Links . . . . . . . . . . . . 6-27
7 Using Passwords, Port Security, and Authorized IP
Managers To Protect Against Unauthorized Access
Using Password Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2
Menu: Setting Manager and Operator Passwords . . . . . . . . . . . . . . . . . 7-3
CLI: Setting Manager and Operator Passwords . . . . . . . . . . . . . . . . . . . 7-5
Web: Configuring User Names and Passwords . . . . . . . . . . . . . . . . . . . 7-6
Configuring and Monitoring Port Security . . . . . . . . . . . . . . . . . . . . . . 7-7
Basic Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-7
Blocking Unauthorized Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-8
Trunk Group Exclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-9
Planning Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-9
Recommended Port Security Procedures . . . . . . . . . . . . . . . . . . . 7-10
CLI: Port Security Command Options and Operation . . . . . . . . . . . . 7-11
CLI: Displaying Current Port Security Settings . . . . . . . . . . . . . . 7-14
CLI: Configuring Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-15
Web: Displaying and Configuring Port Security Features . . . . . . . . . 7-20
Page 11
vii
Contents
Reading Intrusion Alerts and Resetting Alert Flags . . . . . . . . . . . . . . 7-20
Notice of Security Violations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-20
How the Intrusion Log Operates . . . . . . . . . . . . . . . . . . . . . . . . . . 7-21
Keeping the Intrusion Log Current by Resetting Alert Flags . . . 7-21 Menu: Checking for Intrusions, Listing Intrusion Alerts, and
Resetting Alert Flags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-22
CLI: Checking for Intrusions, Listing Intrusion Alerts, and
Resetting Alert Flags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-23
Using the Event Log To Find Intrusion Alerts . . . . . . . . . . . . . . . 7-25
Web: Checking for Intrusions, Listing Intrusion Alerts, and
Resetting Alert Flags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-26
Operating Notes for Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-26
Using IP Authorized Managers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-28
Access Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-29
Defining Authorized Management Stations . . . . . . . . . . . . . . . . . . . . . 7-29
Overview of IP Mask Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-30
Menu: Viewing and Configuring IP Authorized Managers . . . . . . . . . 7-31
CLI: Viewing and Configuring Authorized IP Managers . . . . . . . . . . . 7-32
Listing the Switch’s Current Authorized IP Manager(s) . . . . . . . 7-32
Configuring IP Authorized Managers for the Switch . . . . . . . . . . 7-33
Web: Configuring IP Authorized Managers . . . . . . . . . . . . . . . . . . . . . 7-34
Building IP Masks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-34
Configuring One Station Per Authorized Manager IP Entry . . . . 7-34
Configuring Multiple Stations Per Authorized Manager
IP Entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-35
Additional Examples for Authorizing Multiple Stations . . . . . . . 7-37
Operating and Troubleshooting Notes . . . . . . . . . . . . . . . . . . . . . . . . . 7-37
8 Configuring for Network Management Applications
SNMP Management Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2
Configuring for SNMP Access to the Switch . . . . . . . . . . . . . . . . . . . . 8-3
SNMP Communities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5
Menu: Viewing and Configuring SNMP Communities . . . . . . . . . . . . . 8-5
To View, Edit, or Add SNMP Communities: . . . . . . . . . . . . . . . . . . 8-5
CLI: Viewing and Configuring Community Names . . . . . . . . . . . . . . . . 8-7
Listing Current Community Names and Values . . . . . . . . . . . . . . . 8-7
Configuring Identity Information . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8
Configuring Community Names and Values . . . . . . . . . . . . . . . . . . 8-8
Trap Receivers and Authentication Traps . . . . . . . . . . . . . . . . . . . . . . 8-9
Page 12
viii
Contents
CLI: Configuring and Displaying Trap Receivers . . . . . . . . . . . . . . . . 8-10
Using the CLI To List Current SNMP Trap Receivers . . . . . . . . . 8-10
Configuring Trap Receivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-11
Using the CLI To Enable Authentication Traps . . . . . . . . . . . . . . . . . . 8-11
Advanced Management: RMON Support . . . . . . . . . . . . . . . . . . . . . . . 8-12
RMON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12
9 Configuring Advanced Features
Stack Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
Components of Stack Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-4
General Stacking Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-4
Operating Rules for Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5
General Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5
Specific Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-6
Overview of Configuring and Bringing Up a Stack . . . . . . . . . . . . . . . . 9-7
General Steps for Creating a Stack . . . . . . . . . . . . . . . . . . . . . . . . 9-10
Using the Menu Interface To View Stack Status and Configure
Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-12
Using the Menu Interface To View and Configure a Commander
Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-12
Using the Menu To Manage a Candidate Switch . . . . . . . . . . . . . 9-14
Using the Commander To Manage The Stack . . . . . . . . . . . . . . . . . . . 9-16
Using the Commander To Access Member Switches for
Configuration Changes and Monitoring Traffic . . . . . . . . . . . . . . 9-23
Converting a Commander or Member to a Member of
Another Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-24
Monitoring Stack Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-25
Using the CLI To View Stack Status and Configure Stacking . . . . . . 9-29
Using the CLI To View Stack Status . . . . . . . . . . . . . . . . . . . . . . . 9-31
Using the CLI To Configure a Commander Switch . . . . . . . . . . . 9-33
Adding to a Stack or Moving Switches Between Stacks . . . . . . . 9-35
Using the CLI To Remove a Member from a Stack . . . . . . . . . . . 9-40
Using the CLI To Access Member Switches for Configuration
Changes and Traffic Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-42
SNMP Community Operation in a Stack . . . . . . . . . . . . . . . . . . . . . . . 9-43
Using the CLI To Disable or Re-Enable Stacking . . . . . . . . . . . . . . . . 9-44
Transmission Interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-44
Stacking Operation with Multiple VLANs Configured . . . . . . . . . . . . 9-44
Web: Viewing and Configuring Stacking . . . . . . . . . . . . . . . . . . . . . . . 9-45
Page 13
ix
Contents
Status Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-46
Port-Based Virtual LANs (Static VLANs) . . . . . . . . . . . . . . . . . . . . . . 9-47
Overview of Using VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-50
VLAN Support and the Default VLAN . . . . . . . . . . . . . . . . . . . . . . 9-50
Which VLAN Is Primary? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-50
Per-Port Static VLAN Configuration Options . . . . . . . . . . . . . . . . 9-51
General Steps for Using VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-53
Notes on Using VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-53
Menu: Configuring VLAN Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . 9-54
To Change VLAN Support Settings . . . . . . . . . . . . . . . . . . . . . . . . 9-54
Adding or Editing VLAN Names . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-56
Adding or Changing a VLAN Port Assignment . . . . . . . . . . . . . . . 9-57
CLI: Configuring VLAN Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-59
Web: Viewing and Configuring VLAN Parameters . . . . . . . . . . . . . . . 9-65
VLAN Tagging Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-66
Effect of VLANs on Other Switch Features . . . . . . . . . . . . . . . . . . . . . 9-70
Spanning Tree Protocol Operation with VLANs . . . . . . . . . . . . . 9-70
IP Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-70
VLAN MAC Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-71
Port Trunks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-71
Port Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-71
VLAN Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-72
Symptoms of Duplicate MAC Addresses in VLAN
Environments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-72
GVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-73
General Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-74
Per-Port Options for Handling GVRP “Unknown VLANs” . . . . . . . . . 9-76
Per-Port Options for Dynamic VLAN Advertising and Joining . . . . . 9-78
GVRP and VLAN Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-79
Port-Leave From a Dynamic VLAN . . . . . . . . . . . . . . . . . . . . . . . . 9-79
Planning for GVRP Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-80
Configuring GVRP On a Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-80
Menu: Viewing and Configuring GVRP . . . . . . . . . . . . . . . . . . . . . 9-80
CLI: Viewing and Configuring GVRP . . . . . . . . . . . . . . . . . . . . . . . 9-82
Web: Viewing and Configuring GVRP . . . . . . . . . . . . . . . . . . . . . . 9-85
GVRP Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-85
Multimedia Traffic Control with IP Multicast (IGMP) . . . . . . . . . . 9-87
Page 14
x
Contents
How IGMP Operates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-88
Role of the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-89
IP Multicast Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-91
Number of IP Multicast Addresses Allowed . . . . . . . . . . . . . . . . . 9-92
IGMP Operating Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-93
IGMP Operation With or Without IP Addressing . . . . . . . . . . . . . 9-93
Fast-Leave IGMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-94
CLI: Configuring and Displaying IGMP . . . . . . . . . . . . . . . . . . . . . . . . 9-96
Web: Enabling or Disabling IGMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-101
Spanning Tree Protocol (STP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-102
Menu: Configuring STP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-103
CLI: Configuring STP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-105
Web: Enabling or Disabling STP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-108
How STP Operates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-108
STP Fast Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-109
STP Operation with 802.1Q VLANs . . . . . . . . . . . . . . . . . . . . . . . 9-110
10 Monitoring and Analyzing Switch Operation
Status and Counters Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-2
Menu Access To Status and Counters . . . . . . . . . . . . . . . . . . . . . . . . . 10-3
General System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-4
Menu Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-4
CLI Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-4
Switch Management Address Information . . . . . . . . . . . . . . . . . . . . . . 10-5
Menu Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-5
CLI Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-5
Port Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6
Menu: Displaying Port Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6
CLI Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6
Web Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6
Viewing Port and Trunk Group Statistics . . . . . . . . . . . . . . . . . . . . . . 10-7
Menu Access to Port and Trunk Statistics . . . . . . . . . . . . . . . . . . 10-8
CLI Access To Port and Trunk Group Statistics . . . . . . . . . . . . . 10-9
Web Browser Access To View Port and Trunk Group Statistics 10-9
Viewing the Switch’s MAC Address Tables . . . . . . . . . . . . . . . . . . . . 10-10
Menu Access to the MAC Address Views and Searches . . . . . . 10-11
CLI Access for MAC Address Views and Searches . . . . . . . . . . 10-13
Page 15
xi
Contents
Spanning Tree Protocol (STP) Information . . . . . . . . . . . . . . . . . . . . 10-14
Menu Access to STP Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-14
CLI Access to STP Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-15
Internet Group Management Protocol (IGMP) Status . . . . . . . . . . . 10-16
VLAN Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-17
Web Browser Interface Status Information . . . . . . . . . . . . . . . . . . . . 10-19
Port Monitoring Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-20
Menu: Configuring Port Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . 10-21
CLI: Configuring Port Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-23
Web: Configuring Port Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-25
11 Troubleshooting
Troubleshooting Approaches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2
Browser or Console Access Problems . . . . . . . . . . . . . . . . . . . . . . . . . . 11-3
Unusual Network Activity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-5
General Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-5
IGMP-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-6
Problems Related to Spanning-Tree Protocol (STP) . . . . . . . . . . . . . 11-7
Stacking-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-7
Timep or Gateway Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-7
VLAN-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-8
Using the Event Log To Identify Problem Sources . . . . . . . . . . . . . 11-10
Menu: Entering and Navigating in the Event Log . . . . . . . . . . . . . . . 11-11
CLI: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-12
Diagnostic Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-13
Ping and Link Tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-13
Web: Executing Ping or Link Tests . . . . . . . . . . . . . . . . . . . . . . . 11-14
CLI: Ping or Link Tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-15
Displaying the Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-17
CLI: Viewing the Configuration File . . . . . . . . . . . . . . . . . . . . . . 11-17
Web: Viewing the Configuration File . . . . . . . . . . . . . . . . . . . . . . 11-17
CLI Administrative and Troubleshooting Commands . . . . . . . . . . . 11-18
Restoring the Factory-Default Configuration . . . . . . . . . . . . . . . . . 11-19
CLI: Resetting to the Factory-Default Configuration . . . . . . . . . . . . 11-19
Clear/Reset: Resetting to the Factory-Default Configuration . . . . . 11-20
Page 16
xii
Contents
A Transferring an Operating System or Startup
Configuration File
Downloading an Operating System (OS) . . . . . . . . . . . . . . . . . . . . . . . A-1
Using TFTP To Download the OS File from a Server . . . . . . . . . . . . . A-2
Menu: TFTP Download from a Server . . . . . . . . . . . . . . . . . . . . . . A-3
CLI: TFTP Download from a Server . . . . . . . . . . . . . . . . . . . . . . . A-4
Switch-to-Switch Download . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-4
Menu: Switch-to-Switch Download . . . . . . . . . . . . . . . . . . . . . . . . A-4
CLI: Switch-To-Switch Download . . . . . . . . . . . . . . . . . . . . . . . . . A-5
Using Xmodem to Download the OS File From a PC . . . . . . . . . . . . . A-6
Menu: Xmodem Download . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-6
CLI: Xmodem Download from a PC or Unix Workstation . . . . . A-6
Troubleshooting TFTP Downloads . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-8
Transferring Switch Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . A-9
B MAC Address Management
Determining MAC Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1
Menu: Viewing the Switch’s MAC Addresses . . . . . . . . . . . . . . . . . . . . B-2
CLI: Viewing the Port and VLAN MAC Addresses . . . . . . . . . . . . . . . . B-3
C Switch Memory and Configuration
Overview of Configuration File Management . . . . . . . . . . . . . . . . . . C-1
Using the CLI To Implement Configuration Changes . . . . . . . . . . . C-3
Using the Menu and Web Browser Interfaces To Implement
Configuration Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-6
Using the Menu Interface To Implement Configuration Changes . . C-6
Using Save and Cancel in the Menu Interface . . . . . . . . . . . . . . . C-7
Rebooting from the Menu Interface . . . . . . . . . . . . . . . . . . . . . . . C-8
Using the Web Browser Interface To Implement Configuration
Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C-9
D Daylight Savings Time
Index
Page 17
1-1
Selecting a Management
Interface
1
Selecting a Management Interface
This chapter describes the following:
Management interfaces for the SMC6624M switch
Advantages of using each interface
Understanding Management Interfaces
Management interfaces enable you to reconfigure the switch and to monitor switch status and performance. The SMC6624M switch offers the following interfaces:
Menu interface—a menu-driven interface offering a subset of switch
commands through the built-in VT-100/ANSI console—page 1-2
CLI—a command line interface offering the full set of switch commands
through the VT-100/ANSI console built into the switch—page 1-3
Web browser interface --a switch interface offering status information
and a subset of switch commands through a standard web browser (such as Netscape Navigator or Microsoft Internet Explorer)—page 1-4
This manual describes how to use the menu interface (chapter 2), the CLI (chapter 3), the web browser interface (chapter 4), and how to use these interfaces to configure and monitor the switch.
Page 18
1-2
Selecting a Management Interface
Advantages of Using the Menu Interface
Selecting a Management
Interface
Advantages of Using the Menu Interface
Figure 1-1. Example of the Console Interface Display
Provides quick, easy management access to a menu-driven subset of
switch configuration and performance features:
The menu interface also provides access for:
Offers out-of-band access (through the RS-232 connection) to the
switch, so network bottlenecks, crashes, lack of configured or correct IP address, and network downtime do not slow or prevent access.
Enables Telnet (in-band) access to the menu functionality.
Allows faster navigation, avoiding delays that occur with slower
display of graphical objects over a web browser interface.
Provides more security; configuration information and passwords are
not seen on the network.
• IP addressing
•VLANs
•Security
• Port and Static Trunk Group
• Stack Management
• Spanning Tree
• System information
• Passwords and other security features
• SNMP communities
• Setup screen
• Event Log display
• Switch and port status displays
• Switch and port statistic and counter displays
• Reboots
• Software downloads
Page 19
1-3
Selecting a Management Interface
Advantages of Using the CLI
Selecting a Management
Interface
Advantages of Using the CLI
Figure 1-2. Example of The Command Prompt
Provides access to the complete set of the switch configuration, perfor-
mance, and diagnostic features.
Offers out-of-band access (through the RS-232 connection) or Telnet (in-
band) access.
Enables quick, detailed system configuration and management access to
system operators and administrators experienced in command prompt interfaces.
Provides help at each level for determining available options and vari-
ables.
CLI Usage
For information on how to use the CLI, refer to chapter 3. “Using the
Command Line Interface (CLI).”
To perform specific procedures (such as configuring IP addressing or
VLANs), use the Contents listing at the front of the manual to locate the information you need.
To monitor and analyze switch operation, see chapter 10, “Monitoring and
Analyzing Switch Operation.”
For information on individual CLI commands, refer to the Index.
SMC6624M>
Operator Level
SMC6624M#
Manager Level
SMC6624M(config)#
Global Configuration Level
SMC6624M(<context>)#
Context Configuration Levels (port, VLAN)
Page 20
1-4
Selecting a Management Interface
Advantages of Using the Web Browser Interface
Selecting a Management
Interface
Advantages of Using the Web Browser Interface
Figure 1-3. Example of the Web Browser Interface
Easy access to the switch from anywhere on the network
Familiar browser interface--locations of window objects consistent
with commonly used browsers, uses mouse clicking for navigation, no terminal setup
Many features have all their fields in one screen so you can view all
values at once
More visual cues, using colors, status bars, device icons, and other
graphical objects instead of relying solely on alphanumeric values
Display of acceptable ranges of values available in configuration list
boxes
For specific requirements, see “Web Browser Interface Requirements” on page 4-3.
Page 21
2-1
Using the Menu Interface
2
Using the Menu Interface
This chapter describes the following features:
Overview of the Menu Interface (page 4-1)
Starting and ending a Menu session (page 2-2)
The Main Menu (page 2-6)
Screen structure and navigation (page 2-8)
Rebooting the switch (page 2-11)
The menu interface operates through the switch console to provide you with a subset of switch commands in an easy-to-use menu format enabling you to:
Perform a “quick configuration” of basic parameters, such as the IP
addressing needed to provide management access through your network
Configure these features:
View status, counters, and Event Log information
Download new software system
Reboot the switch
For a detailed list of menu features, see the “Menu Features List” on page 2-13.
Privilege Levels and Password Security. SMC strongly recommends that you configure a Manager password to help prevent unauthorized access to your network. A Manager password grants full read-write access to the switch. An Operator password, if configured, grants access to status and counter, Event Log, and the Operator level in the CLI. After you configure passwords on the switch and log off of the interface, access to the menu interface (and the CLI and web browser interface) will require entry of either the Manager
Manager and Operator pass­words
System parameters
IP addressing
•Ports
One trunk group
A network monitoring port
Stack Management
Spanning Tree operation
SNMP community names
•IP authorized managers
VLANs (Virtual LANs)
Page 22
2-2
Using the Menu Interface
Starting and Ending a Menu Session
Using the Menu Interface
or Operator password. (If the switch has only a Manager password, then someone without a password can still gain read-only access.) For more information on passwords, see “Using Password Security” on page 7-2.
Menu Interaction with Other Interfaces.
A configuration change made through any switch interface overwrites
earlier changes made through any other interface.
The Menu Interface and the CLI (Command Line Interface) both use the
switch console. To enter the menu from the CLI, use the
menu command.
To enter the CLI from the Menu interface, select
Command Line (CLI) option.)
Starting and Ending a Menu Session
You can access the menu interface using any of the following:
A direct serial connection to the switch’s console port, as described in the
installation guide you received with the switch
A Telnet connection to the switch console from a networked PC or the
switch’s web browser interface. Telnet requires that an IP address and subnet mask compatible with your network have already been configured on the switch.
The stack Commander, if the switch is a stack member
Note This section assumes that either a terminal device is already configured and
connected to the switch (see the Installation Guide shipped with your switch) or that you have already configured an IP address on the switch (required for Telnet access).
Page 23
2-3
Using the Menu Interface
Starting and Ending a Menu Session
Using the Menu Interface
How To Start a Menu Interface Session
In its factory default configuration, the switch console starts with the CLI prompt. To use the menu interface with Manager privileges, go to the Manager level prompt and enter the
menu command.
1. Use one of these methods to connect to the switch:
A PC terminal emulator or terminal
•Telnet
(You can also use the stack Commander if the switch is a stack member. See “Stack Management” on page 9-2).
2. Do one of the following:
If you are using Telnet, go to step 3.
If you are using a PC terminal emulator or a terminal, press [Enter] one or more times until a prompt appears.
3. When the switch screen appears, do one of the following:
If a password has been configured, the password prompt appears.
Password: _
Type the Manager password and press [Enter]. Entering the Manager password gives you manager-level access to the switch. (Entering the Operator password gives you operator-level access to the switch. See “Using Password Security” on page 7-2.)
If no password has been configured, the CLI prompt appears. Go to the next step.
4. When the CLI prompt appears, display the Menu interface by entering the
menu command. For example:
SMC TigerStack II 10/100# menu [Enter]
results in:
Page 24
2-4
Using the Menu Interface
Starting and Ending a Menu Session
Using the Menu Interface
Figure 2-1. The Main Menu with Manager Privileges
For a description of Main Menu features, see “Main Menu Features” on page 2-6.
Note To configure the switch to start with the menu interface instead of the CLI, go
to the Manager level prompt, enter the
setup command, and in the resulting
desplay, change the
Logon Default parameter to Menu. For more information, see
the Installation Guide you received with the switch.
How To End a Menu Session and Exit from the Console:
The method for ending a menu session and exiting from the console depends on whether, during the session, you made any changes to the switch configu­ration that require a switch reboot to activate. (Most changes need only a S
ave,
and do not require a switch reboot.) Configuration changes needing a reboot are marked with an asterisk (*) next to the configured item in the Configura­tion menu and also next to the Switch Configuration item in the Main Menu.
Page 25
2-5
Using the Menu Interface
Starting and Ending a Menu Session
Using the Menu Interface
Figure 2-2. An Asterisk Indicates a Configuration Change Requiring a Reboot
1. In the current session, if you have not made configuration changes that require a switch reboot to activate, return to the Main menu and press [0] (zero) to log out. Then just exit from the terminal program, turn off the terminal, or quit the Telnet session.
2. If you have made configuration changes that require a switch reboot— that is, if an asterisk (*) appears next to a configured item or next to Switch Configuration in the Main menu:
a. Return to the Main menu. b. Press [6] to select Reboot Switch and follow the instructions on the
reboot screen.
Rebooting the switch terminates the menu session, and, if you are using Telnet, disconnects the Telnet session.
(See “Rebooting To Activate Configuration Changes” on page 2-12.)
3. Exit from the terminal program, turn off the terminal, or close the Telnet application program.
Asterisk indicates a configuration change that requires a reboot to activate.
Page 26
2-6
Using the Menu Interface
Main Menu Features
Using the Menu Interface
Main Menu Features
Figure 2-3. The Main Menu View with Manager Privileges
The Main Menu gives you access to these Menu interface features:
Status and Counters: Provides access to display screens showing
switch information, port status and counters, port and VLAN address tables, and spanning tree information. (See chapter 10, “Monitoring and Analyzing Switch Operation.”)
Switch Configuration: Provides access to configuration screens for
displaying and changing the current configuration settings. (See the Con­tents listing at the front of this manual.) For a listing of features and parameters configurable through the menu interface, see the “Menu Fea­tures List” on page 2-13.
Console Passwords: Provides access to the screen used to set or change
Manager-level and Operator-level passwords, and to delete Manager and Operator password protection. (See “Using Password Security” on page page 7-2.)
Event Log: Enables you to read progress and error messages that are
useful for checking and troubleshooting switch operation. (See “Using the Event Log To Identify Problem Sources” on page 11-10.)
Page 27
2-7
Using the Menu Interface
Main Menu Features
Using the Menu Interface
Command Line (CLI): Selects the Command Line Interface at the same
level (Manager or Operator) that you are accessing in the Menu interface. (See chapter 3, “Using the Command Line Interface (CLI).”)
Reboot Switch: Performs a “warm” reboot of the switch, which clears
most temporary error conditions, resets the network activity counters to zero, and resets the system up time to zero. A reboot is required to activate a change in the VLAN Support parameter. (See “Rebooting from the Menu Interface” on page C-8.)
Download OS: Enables you to download a new software version to the
switch. (See appendix A, “Transferring an Operating System or Configu­ration.”)
Run Setup: Displays the Switch Setup screen for quickly configuring
basic switch parameters such as IP addressing, default gateway, logon default interface, spanning tree, and others. (See the Installation Guide shipped with your switch.)
Stacking: Enables you to use a single IP address and standard network
cabling to manage a group of up to 16 switches in the same subnet (broadcast domain). See “Stack Management” on page 9-2.
Logout: Closes the Menu interface and console session, and disconnects
Telnet access to the switch. (See “How to End a Menu Session and Exit from the Console” on page 2-4.)
Page 28
2-8
Using the Menu Interface
Screen Structure and Navigation
Using the Menu Interface
Screen Structure and Navigation
Menu interface screens include these three elements:
Parameter fields and/or read-only information such as statistics
Navigation and configuration actions, such as Save, Edit, and Cancel
Help line to describe navigation options, individual parameters, and read-
only data
For example, in the following System Information screen:
Figure 4-1. Elements of the Screen Structure
“Forms” Design. The configuration screens, in particular, operate similarly to a number of PC applications that use forms for data entry. When you first enter these screens, you see the current configuration for the item you have selected. To change the configuration, the basic operation is to:
1. Press [E] to select the E
dit action.
2. Navigate through the screen making all the necessary configuration changes. (See Table 4-1 on the next page.)
3. Press [Enter] to return to the Actions line. From there you can save the configuration changes or cancel the changes. Cancel returns the configu­ration to the values you saw when you first entered the screen.
Help line describing the selected action or selected parameter field
Parameter fields
Help describing each of the items in the parameter fields
Navigation instructions
Actions line
Screen title – identifies the location within the menu structure
System name
Page 29
2-9
Using the Menu Interface
Screen Structure and Navigation
Using the Menu Interface
Table 4-1. How To Navigate in the Menu Interface
Task: Actions:
Execute an action from the “Actions –>” list at the bottom of the screen:
Use either of the following methods:
• Use the arrow keys ( [<] ,or [>] ) to highlight the action you want to execute, then press [Enter].
• Press the key corresponding to the capital letter in the action name. For example, in a configuration menu, press [E] to select Edit and begin editing parameter values.
Reconfigure (edit) a parameter setting or a field:
1. Select a configuration item, such as System Name. (See figure 4-1.)
2. Press [E] (for E
dit on the Actions line).
3. Use [Tab] or the arrow keys ([<], [>], [^], or [v]) to highlight the item or field.
4. Do one of the following: – If the parameter has preconfigured values, either use the
Space bar to select a new option or type the first part of your selection and the rest of the selection appears automatically. (The help line instructs you to “Select” a value.)
– If there are no preconfigured values, type in a value (the Help
line instructs you to “Enter” a value).
5. If you want to change another parameter value, return to step 3.
6. If you are finished editing parameters in the displayed screen, press [Enter] to return to the Actions line and do one of the following:
– To save and activate configuration changes, press [S] (for the
Save action). This saves the changes in the startup configuration and also implements the change in the currently running configuration. (See appendix C, "Switch Memory and Configuration.)
– To exit from the screen without saving any changes that you
have made (or if you have not made changes), press [C] (for the Cancel action).
Note: In the menu interface, executing Save activates most parameter changes and saves them in the startup configuration (or flash) memory, and it is therefore not necessary to reboot the switch after making these changes. But if an asterisk appears next to any menu item you reconfigure, the switch will not activate or save the change for that item until you reboot the switch. In this case, rebooting should be done after you have made all desired changes and then returned to the Main Menu.
7. When you finish editing parameters, return to the Main Menu.
8. If necessary, reboot the switch by highlighting Reboot Switch in the Main Menu and pressing [Enter]. (See the Note, above.)
Exit from a read-only screen.
Press [B] (for the Back action).
Page 30
2-10
Using the Menu Interface
Screen Structure and Navigation
Using the Menu Interface
To get Help on individual parameter descriptions. In most screens there is a Help option in the Actions line. Whenever any of the items in the Actions line is highlighted, press [H], and a separate help screen is displayed. For example:
Figure 4-2. Example Showing How To Display Help
To get Help on the actions or data fields in each screen: Use the arrow keys ( [<], [>], [^], or [v]) to select an action or data field. The help line under the Actions items describes the currently selected action or data field.
For guidance on how to navigate in a screen: See the instructions provided at the bottom of the screen, or refer to “Screen Structure and Navigation” on page 2-8.)
Pressing [H] or highlighting Help and pressing [Enter] displays Help for the parameters listed in the upper part of the screen
Highlight on any ite m in the Actions line indicates that the Actions line is active.
The Help line provides a brief descriptor of the highlighted Action item or parameter.
Page 31
2-11
Using the Menu Interface
Rebooting the Switch
Using the Menu Interface
Rebooting the Switch
Rebooting the switch from the menu interface
Terminates all current sessions and performs a reset of the operating
system
Activates any configuration changes that require a reboot
Resets statistical counters to zero
(Note that statistical counters can be reset to zero without rebooting the switch.)
To Reboot the switch, use the Reboot Switch option in the Main Menu. (Note that the Reboot Switch option is not available if you log on in Operator mode; that is, if you enter an Operator password instead of a manager password at the password prompt.)
Figure 4-3. The Reboot Switch Option in the Main Menu
Reboot Switch option
Page 32
2-12
Using the Menu Interface
Rebooting the Switch
Using the Menu Interface
Rebooting To Activate Configuration Changes. Configuration changes for most parameters become effective as soon as you save them. However, you must reboot the switch in order to implement a change in the
Maximum
VLANs to support parameter
. (To access this parameter, go to the Main menu and
select 2. Switch Configuration, then 8. VLAN Menu, then
1. VLAN Support.)
If configuration changes requiring a reboot have been made, the switch displays an asterisk (*) next to the menu item in which the change has been made. For example, if you change and save the value for the Maximum VLANs to
support
parameter, an asterisk appears next to the VLAN Support entry in the
VLAN Menu screen, and also next to the the
Switch Configuration . . . entry in the
Main menu, as shown in figure 4-6:
Figure 4-4. Indication of a Configuration Change Requiring a Reboot
To activate changes indicated by the asterisk, go to the Main Menu and select the
Reboot Switch option.
Note Executing the write memory command in the CLI does not affect pending
configuration changes indicated by an asterisk in the menu interface. That is, only a reboot from the menu interface or a boot or reload command from the CLI will activate a pending configuration change indicated by an asterisk.
Reminder to reboot the switch to activate configuration changes.
Asterisk indicates a configuration change that requires a reboot in order to take effect.
Page 33
2-13
Using the Menu Interface
Menu Features List
Using the Menu Interface
Menu Features List
Status and Counters
General System Information
Switch Management Address Information
Port Status
Port Counters
Address Table
Port Address Table
Spanning Tree Information
Switch Configuration
System Information
Port/Trunk Settings
Network Monitoring Port
Spanning Tree Operation
IP Configuration
SNMP Community Names
IP authorized Managers
VLAN Menu
Console Passwords
Event Log
Command Line (CLI)
Reboot Switch
Download OS
Run Setup
Stacking
Stacking Status (This Switch)
Stacking Status (All)
Stack Configuration
•Stack Management (Available in Stack Commander Only)
Stack Access (Available in Stack Commander Only)
Logout
Page 34
2-14
Using the Menu Interface
Where To Go From Here
Using the Menu Interface
Where To Go From Here
This chapter provides an overview of the menu interface and how to use it. The following table indicates where to turn for detailed information on how to use the individual features available through the menu interface.
Option Wh ere To Tu rn
To use the Run Setup option See the Installation Guide shipped with the
switch.
To use the Stack Manager “Stack Management” on page 9-2
To view and monitor switch status and counters
Chapter 10, “Monitoring and Analyzing Switch Operation”
To learn how to configure and use passwords
“Using Password Security” on page 7-2
To learn how to use the Event Log “Using the Event Log To Identify Problem
Sources” on page 11-10
To learn how the CLI operates Chapter 3, “Using the Command Line Interface
(CLI)”
To download software (the OS) Appendix A, “File Transfers”
For a description of how switch memory handles configuration changes
Appendix C, “Switch Memory and Configuration”
For information on other switch features and how to configure them
See the Table of Contents at the front of this manual.
Page 35
3-1
Using the Command Line
Interface (CLI)
3
Using the Command Line Interface (CLI)
The CLI is a text-based command interface for configuring and monitoring the switch. The CLI gives you access to the switch’s full set of commands while providing the same password protection that is used in the web browser interface and the menu interface.
Accessing the CLI
Like the menu interface, the CLI is accessed through the switch console, and, in the switch’s factory default state, is the default interface when you start a console session. You can access the console out-of-band by directly connecting a terminal device to the switch, or in-band by using Telnet either from a terminal device or through the web browser interface.
Also, if you are using the menu interface, you can access the CLI by selecting the Command Line (CLI) option in the Main Menu.
Using the CLI
The CLI offers these privilege levels to help protect the switch from unautho­rized access:
•Operator
Manager
Global Configuration
Context Configuration
Note CLI commands are not case-sensitive.
Page 36
3-2
Using the Command Line Interface (CLI)
Using the CLI
Using the Command Line
Interface (CLI)
When you use the CLI to make a configuration change, the switch writes the change to the Running-Config file in volatile memory. This allows you to test your configuration changes before making them permanent. To make changes permanent, you must use the write memory command to save them to the Startup Config file in non-volatile memory. If you reboot the switch without first using write memory, all changes made since the last reboot or write memory (whichever is later) will be lost. For more on switch memory and saving configuration changes, see appendix C, “Switch Memory and Configuration.”
Note CLI configuration changes are not saved from the Menu interface to the
startup-config file unless you make a configuration change in the Menu interface before using the Save command. That is, if you use the CLI to make a change to the running-config file and then go to the Menu interface and execute a Save command without making a configuration change in the Menu interface, the CLI change made to the running-config file is not saved to the startup-config file. (You can still save the change by returning to the global configuration level in the CLI and executing write memory).
Privilege Levels at Logon
Privilege levels control the type of access to the CLI. To implement this control, you must set at least a Manager password. Without a Manager
password configured, anyone having serial port, Telnet, or web browser access to the switch can reach all CLI levels. (For more on setting passwords,
see “Using Password Security” on page 7-2.)
When you use the CLI to log on to the switch, and passwords are set, you will be prompted to enter a password. For example:
Figure 3-1. Example of CLI Log-On Screen with Password(s) Set
SMC 6624M TigerStack II 10/100 Firmware revision F.02.07
Password:
Password Prompt
Page 37
3-3
Using the Command Line Interface (CLI)
Using the CLI
Using the Command Line
Interface (CLI)
In the above case, you will enter the CLI at the level corresponding to the password you provide (operator or manager).
If no passwords are set when you log onto the CLI, you will enter at the Manager level. For example:
SMC6624M# _
Caution SMC strongly recommends that you configure a Manager password. If a Man-
ager password is not configured, then the Manager level is not password­protected, and anyone having in-band or out-of-band access to the switch may be able to reach the Manager level and compromise switch and network security. Note that configuring only an Operator password does not prevent access to the Manager level by intruders who have the Operator password.
Pressing the Clear button on the front of the switch removes password protection. For this reason, it is recommended that you protect the switch from physical access by unauthorized persons. If you are concerned about switch security and operation, you should install the switch in a secure location, such as a locked wiring closet.
Privilege Level Operation
Figure 3-2. Privilege Level Access Sequence
Operator Privileges
At the Operator level you can examine the current configuration and move between interfaces without being able to change the configuration. A “>” character delimits the Operator-level prompt. For example:
SMC6624M> _ (Example of the Operator prompt.)
Manager Level
Global Configuration Level
Operator Privileges
Manager Privileges
Operator Level
Context Configuration Level
Page 38
3-4
Using the Command Line Interface (CLI)
Using the CLI
Using the Command Line
Interface (CLI)
When using enable to move to the Manager level, the switch prompts you for the Manager password if one has already been configured.
Manager Privileges
Manager privileges give you three additional levels of access: Manager, Global Configuration, and Context Configuration. (See figure .) A “#” character delimits any Manager prompt. For example:
SMC6624M#_ (Example of the Manager prompt.)
Manager level: Provides all Operator level privileges plus the ability to
perform system-level actions that do not require saving changes to the system configuration file. The prompt for the Manager level contains only the system name and the “#” delimiter, as shown above. To select this level, enter the enable command at the Operator level prompt and enter the Manager password, when prompted. For example:
SMC6624M> enable (Enter enable at the Operator prompt.) SMC6624M# _ (The Manager prompt.)
Global Configuration level: Provides all Operator and Manager level
privileges, and enables you to make configuration changes to any of the switch’s software features. The prompt for the Global Configuration level includes the system name and “(config).” To select this level, enter the config command at the Manager prompt. For example:
SMC6624M# _ (Enter config at the Manager prompt.) SMC6624M(config)#_ (The Global Config prompt.)
Context Configuration level: Provides all Operator and Manager priv-
ileges, and enables you to make configuration changes in a specific context, such as one or more ports or a VLAN. The prompt for the Context Configuration level includes the system name and the selected context. For example:
SMC6624M(eth-1)# SMC6624M(vlan-10)#
The Context level is useful, for example, if you want to execute several commands directed at the same port or VLAN, or if you want to shorten the command strings for a specific context area. To select this level, enter the specific context at the Global Configuration level prompt. For example, to select the context level for an existing VLAN with the VLAN ID of 10, you would enter the following command and see the indicated result:
SMC6624M(config)# vlan 10 SMC6624M(vlan-10)#
Page 39
3-5
Using the Command Line Interface (CLI)
Using the CLI
Using the Command Line
Interface (CLI)
Changing Interfaces. If you change from the CLI to the menu interface, or the reverse, you will remain at the same privilege level. For example, entering the menu command from the Operator level of the CLI takes you to the Operator privilege level in the menu interface.
Table 3-1. Privilege Level Hierarchy
Privile ge Level Example of Prompt and Permitted Operations
Operator Privilege
Operator Level SMC6624M> show <command>
setup
ping <argument> link-test <argument>
enable
menu
logoff
View status and configuration information.
Perform connectivity tests.
Move from the Operator level to the Manager level.
Move from the CLI interface to the menu interface.
Exit from the CLI interface and terminate the console session.
Manager Privilige
Manager Level SMC6624M# Perform system-level actions such as system control, monitoring, and
diagnostic commands, plus any of the Operator-level commands. For a list of available commands, enter
? at the prompt.
Global Configuration Level
SMC6624M(config)# Execute configuration commands, plus all Operator and Manager commands .
For a list of available commands, enter
? at the prompt.
Context Configuration Level
SMC6624M(eth-5)# SMC6624M(vlan-100)#
Execute context-specific configuration commands, such as a particular VLAN or switch port. This is useful for shortening the command strings you type, and for entering a series of commands for the same context. For a list of available commands, enter
? at the prompt.
Page 40
3-6
Using the Command Line Interface (CLI)
Using the CLI
Using the Command Line
Interface (CLI)
How To Move Between Levels
Moving Between the CLI and the Menu Interface. When moving between interfaces, the switch retains the current privilege level (Manager or Operator). That is, if you are at the Operator level in the menu and select the Command Line Interface (CLI) option from the Main Menu, the CLI prompt appears at the Operator level.
Changing Parameter Settings. Regardless of which interface is used (CLI, menu interface, or web browser interface), the most recently configured version of a parameter setting overrides any earlier settings for that parameter.
Change in Levels Example of Prompt , Command, and Result
Operator level to Manager level
SMC6624M> enable Password:_
After you enter
enable, the Password prompt
appears. After you enter the Manager password, this prompt appears:
SMC6624M#_
Manager level to Global configuration level
SMC6624M# config SMC6624M(config)#
Global configuration level to a Context configuration level
SMC6624M(config)# vlan-10 SMC6624M(vlan-10)#
Context configuration level
to another Context configuration level
SMC6624M(vlan-10)# interface ethernet 3 SMC6624M(int-3)#
Move from any level to the preceding level
SMC6624M(int-3)# exit SMC6624M(config)# exit SMC6624M2# exit SMC6624M2>
Move from any level to the Manager level
SMC6624M(int-3)# end SMC6624M# —or— SMC6624M(config)# end SMC6624M#
Page 41
3-7
Using the Command Line Interface (CLI)
Using the CLI
Using the Command Line
Interface (CLI)
For example, if you use the CLI to set a Manager password, and then later use the Setup screen (in the menu interface) to set a different Manager password, then the first password will be replaced by the second one.
Listing Commands and Command Options
At any privilege level you can:
List all of the commands available at that level
List the options for a specific command
Listing Commands Available at Any Privilege Level
At a given privilege level you can execute the commands that level offers, plus all of the commands available at preceding levels. Similarly, at a given privilege level, you can list all of that level’s commands plus the commands made available at preceding levels. For example, at the Operator level, you can list and execute only the Operator level commands. However, at the Manager level, you can list and execute the commands available at both the Operator and Manager levels.
Type “?” To List Available Commands. Typ ing th e
? symbol lists the
commands you can execute at the current privilege level. For example, typing
? at the Operator level produces this listing:
Figure 3-3. Example of the Operator Level Command Listing
SMC6624M> ?
enable Enter the Manager Exec context exit Return to the previous context or terminate current
session if in the outermost context link-test Test the connection to a MAC address on the LAN logout Terminate this console/telnet session menu Switch to the menu system ping Send IP Ping requests to a device on the network show Display configuration and status/counter information
SMC6624M>
Page 42
3-8
Using the Command Line Interface (CLI)
Using the CLI
Using the Command Line
Interface (CLI)
Typing ? at the Manager level produces this listing:
Figure 3-4. Example of the Manager-Level Command Listing
When - - MORE - - appears, there are more commands in the listing. To list the next screenfull of commands, press the Space bar. To list the remaining commands one-by-one, repeatedly press [Enter].
Typing ? at the Global Configuration level or the Context Configuration level produces similar results.
Use [Tab] To Search for or Complete a Command Word. You can use [Tab] to help you find CLI commands or to quickly complete the current word in a command. To do so, press [Tab] immediately after typing the last letter of the last keyword in the CLI (with no spaces allowed). For example, at the Global Configuration level, if you press [Tab] immediately after typing “t,” the CLI displays the available command options that begin with “t.” For example:
SMC6624M(config)# t[Tab] telnet-server time trunk telnet SMC6624M(config)# t
SMC6624M# ?
boot Reboot the device configure Enter the Configuration context copy Copy datafiles to/from the switch end Return to the Manager Exec context erase Erase configuration file stored in flash getMIB Retrieve and display the MIB objects specified kill Kill all other active telnet/console sessions log Display log events page Toggle paging mode print Execute command and redirect its output redo Re-execute a command from history reload Warm reboot of the switch repeat Repeat execution of the previous command clear Reset sundry statistics setMIB Set the value of a MIB object setup Set up initial configuration for the switch telnet Initiate an outbound telnet session terminal Set the dimensions of the terminal window update Enter ROM monitoring mode walkMIB Display MIB objects and values write View or save the running configuration of the switch
-- MORE --
When - - MORE - - appears, use the Space bar or [Return] to list additional commands.
Page 43
3-9
Using the Command Line Interface (CLI)
Using the CLI
Using the Command Line
Interface (CLI)
As mentioned above, if you type part of a command word and press [Tab], the CLI completes the current word (if you have typed enough of the word for the CLI to distinguish it from other possibilities), including hyphenated exten­sions. For example:
SMC6624M(config)# port[Tab] SMC6624M(config)# port-security _
Pressing [Tab] after a completed command word lists the further options for that command.
SMC6624M(config)# stack[Tab] commander <commander-str> join <mac-addr> auto-join transmission-interval <integer> <cr> SMC6624M(config)# stack
Command Option Displays
Conventions for Command Option Displays. When you use the CLI to list options for a particular command, you will see one or more of the following conventions to help you interpret the command data:
Braces ( < > ) indicate a required choice.
Square brackets ([ ]) indicate optional elements.
Vertical bars ( | ) separate alternative, mutually exclusive options in a
command.
Figure 3-5.Example of Command Option Conventions
SMC6624M(config)# trunk?
<trk1> <trunk|lacp> <[ethernet] port-list>
SMC6624M(config)# trunk
The braces (< >) show that the trunk command requires all three parameters.
The vertical bar (
| ) shows that eit her trunk
or lacp must be included.
The square brackets ([ ]) show that ethernet is optional.
Page 44
3-10
Using the Command Line Interface (CLI)
Using the CLI
Using the Command Line
Interface (CLI)
Thus, if you wanted to create a port trunk group using ports 5 - 8, the above conventions show that you could do so using any of the following forms of the trunk command:
SMC6624M(config)# trunk trk1 trunk 5-8 SMC6624M(config)# trunk trk1 trunk e 5-8
SMC6624M(config)# trunk trk1 lacp 5-8 SMC6624M(config)# trunk trk1 lacp e 5-8
Listing Command Options. You can use the CLI to remind you of the options available for a command by entering command keywords followed by
?. For example, suppose you wanted to see the command options for config-
uring port 5:
Figure 3-6. Example of How To List the Options for a Specific Command
Displaying CLI “Help”
CLI Help provides two types of context-sensitive information:
Command list with a brief summary of each command’s purpose
Detailed information on how to use individual commands
Displaying Command-List Help. You can display a listing of command Help summaries for all commands available at the current privilege level. That is, when you are at the Operator level, you can display the Help summaries only for Operator-Level commands. At the Manager level, you can display the Help summaries for both the Operator and Manager levels, and so on.
Syntax: help
For example, to list the Operator-Level commands with their purposes:
SMC6624M(config)# interface e 5?
flow-control Enable/disable flow control on the port speed-duplex Define mode of operation for the port broadcast-limit Set a broadcast traffic percentage limit unknown-vlans Define what the port will do when it encounters GVRP
packet requesting it to join a VLAN enable Enable port disable Disable port lacp Define whether LACP is enabled on the port, and whether
it is in active or passive mode when enabled monitor Define that the port is to be monitored <cr>
This example displays the command options for configuring port 5 on the switch.
Page 45
3-11
Using the Command Line Interface (CLI)
Using the CLI
Using the Command Line
Interface (CLI)
Figure 3-7. Example of Context-Sensitive Command-List Help
Displaying Help for an Individual Command. You can display Help for any command that is available at the current context level by entering enough of the command string to identify the command, along with help.
Syntax: <command string> help
For example, to list the Help for the interface command in the Global Configuration privilege level:
Figure 3-8. Example of How To Display Help for a Specific Command
A similar action lists the Help showing additional parameter options for a given command. The following example illustrates how to list the Help for an interface command acting on a specific port:
SMC6624M> help
enable Enter the Manager Exec context. exit Return to the previous context or terminate current
session if in the outermost context. link-test Test the connection to a MAC address on the LAN. logout Terminate this console/telnet session. menu Switch to the menu system. ping Send IP Ping requests to a device on the network. show Display configuration and status/counter information.
SMC6624M(config)# interface help Usage: interface ethernet <port-list>
interface ethernet <port-list> commands
Description: Enter the Interface Configuration Level, or execute one
command on that level. The first version of this command moves the switches current working level to the Interface Configuration Level using port-list for the current context. Commands that are subsequently invoked at this level apply to the port-list specified when entering the level. The second version of this command does not enter the Interface Configuration Level but does apply the 'commands' specified to the port-list. Valid 'commands' at this level include all commands available at the Interface Configuration Level.
Page 46
3-12
Using the Command Line Interface (CLI)
Using the CLI
Using the Command Line
Interface (CLI)
Figure 3-9. Example of Help for a Specific Instance of a Command
Note that if you try to list the help for an individual command from a privilege level that does not include that command, the switch returns an error message. For example, trying to list the help for the interface command while at the global configuration level produces this result:
SMC6624M# interface help Invalid input: interface
Configuration Commands and the Context Configuration Modes
You can execute any configuration command in the global configuration mode or in selected context modes. However, using a context mode enables you to execute context-specific commands faster, with shorter command strings.
The SMC6624M offers interface (port or trunk group) and VLAN context configuration modes:
Port or Trunk-Group Context . Includes port- or trunk-specific commands that apply only to the selected port(s) or trunk group, plus the global configuration, Manager, and Operator commands. The prompt for this mode includes the identity of the selected port(s):
SMC6624M(config)# interfacee5help
flow-control Enable/disable flow control on the port. speed-duplex Define mode of operation for the port. broadcast-limit Set a broadcast traffic percentage limit. unknown-vlans Define what the port will do when it encounters GVRP
packet requesting it to join a VLAN. enable Enable port. disable Disable port. lacp Define whether LACP is enabled on the port, and whether it
is in active or passive mode when enabled. monitor Define that the port is to be monitored.
SMC6624M(config)# interface e 5-8
SMC6624M(config)# interface e trk1
Command executed at configuration level for entering port or trk1 static trunk-group context.
SMC6624M(eth-5-8)# SMC6624M(eth-Trk1)#
Resulting prompt showing port or static trunk contexts.
Page 47
3-13
Using the Command Line Interface (CLI)
Using the CLI
Using the Command Line
Interface (CLI)
Figure 3-10. Context-Specific Commands Affecting Port Context
SMC6624M(eth-5-8)# ?
SMC6624M(eth-5-8)# ?
Lists the commands you can use in the port or static trunk context, plus the Manager, Operator, and context commands you can execute at this level.
MC6624M(eth-5-8)# ?
flow-control Enable/disable flow control on the port speed-duplex Define mode of operation for the port broadcast-limit Set a broadcast traffic percentage limit unknown-vlans Define what the port will do when it encounters GVRP
packet requesting it to join a VLAN enable Enable port disable Disable port lacp Define whether LACP is enabled on the port, and whether
it is in active or passive mode when enabled monitor Define that the port is to be monitored
interface Enter the Interface Configuration Level, or execute one
command on that level vlan Add, delete, edit VLAN configuration or enter a VLAN
context
boot Reboot the device configure Enter the Configuration context copy Copy datafiles to/from the switch end Return to the Manager Exec context erase Erase configuration file stored in flash
-- MORE --
The remaining commands in the listing are Manager, Operator, and context commands.
In the port context, the first block of commands in the "?" listing show the context-specific commands that will affect only ports 5-8.
Page 48
3-14
Using the Command Line Interface (CLI)
Using the CLI
Using the Command Line
Interface (CLI)
VLAN Context. Includes VLAN-specific commands that apply only to the selected VLAN, plus Manager and Operator commands. The prompt for this mode includes the VLAN ID of the selected VLAN. For example, if you had already configured a VLAN with an ID of 100 in the switch:
Figure 3-11. Context-Specific Commands Affecting VLAN Context
SMC6624M(config)# vlan 100 Command executed at configura-
tion level to enter VLAN 100 context.
SMC6624M(vlan-100)# Resulting prompt showing VLAN
100 context.
SMC6624M(vlan-100)# ? Lists commands you can use in the
VLAN context, plus Manager, Oper­ator, and context commands you can execute at this level.
SMC6624M(vlan-100)# ?
ip Configures IP parameters for a VLAN monitor Define that the VLAN is to be monitored name Set the VLAN's name tagged Assign ports to current VLAN as tagged forbid Prevents ports from becoming a member of the current
VLAN
untagged Assign ports to current VLAN as untagged
interface Enter the Interface Configuration Level, or execute one
command on that level
vlan Add, delete, edit VLAN configuration or enter a VLAN
context
boot Reboot the device configure Enter the Configuration context copy Copy datafiles to/from the switch end Return to the Manager Exec context erase Erase configuration file stored in flash getMIB Retrieve and display the MIB objects specified kill Kill all other active telnet/console sessions log Display log events
-- MORE --
In the VLAN context, the first block of commands in the "?" listing show the commands that will affect only vlan-100.
The remaining commands in the listing are Manager, Operator, and context commands.
Page 49
3-15
Using the Command Line Interface (CLI)
CLI Control and Editing
Using the Command Line
Interface (CLI)
CLI Control and Editing
Keystrokes Function
[Ctrl] [A] Jumps to the first character of the command line.
[Ctrl] [B] or [<] Moves the cursor back one character.
[Ctrl] [C] Terminates a task and displays the command prompt.
[Ctrl] [D] Deletes the character at the cursor.
[Ctrl] [E] Jumps to the end of the current command line.
[Ctrl] [F] or [>] Moves the cursor forward one character.
[Ctrl] [K] Deletes from the cursor to the end of the command line.
[Ctrl] [L] or [Ctrl] [R] Repeats current command line on a new line.
[Ctrl] [N] or [v] Enters the next command line in the history buffer.
[Ctrl] [P] or [^] Enters the previous command line in the history buffer.
[Ctrl] [U] or [Ctrl] [X] Deletes from the cursor tothe beginning of the command line.
[Ctrl] [W] Deletes the last word typed.
[Esc] [B] Moves the cursor backward one word.
[Esc] [D] Deletes from the cursor to the end of the word.
[Esc] [F] Moves the cursor forward one word.
[Delete] or [Backspace]
Deletes the first character to the left of the cursor in the command line.
Page 50
3-16
Using the Command Line Interface (CLI)
CLI Control and Editing
Using the Command Line
Interface (CLI)
Page 51
4-1
Using the Web Browser
Interface
4
Using the Web Browser Interface
The web browser interface built into the switch lets you easily access the switch from a browser-based PC on your network. This lets you do the following:
Optimize your network uptime by using the Alert Log and other diagnostic
tools
Make configuration changes to the switch
Maintain security by configuring usernames and passwords
This chapter covers the following:
General features (page 4-2).
System requirements for using the web browser interface (page 4-3)
Starting a web browser interface session (page 4-4)
Tasks for your first web browser interface session (page 4-6):
Creating usernames and passwords in the web browser interface (page 4-7)
Description of the web browser interface:
Overview window and tabs (page 4-11)
Port Utilization and Status displays (page 4-12)
Alert Log and Alert types (page 4-15)
Note If you want security beyond that achieved with user names and passwords,
you can disable access to the web browser interface. This is done by either executing no web-management at the Command Prompt or changing the Web Agent Enabled parameter setting to No (page 5-36) .
Page 52
4-2
Using the Web Browser Interface
General Features
Using the Web Browser
Interface
General Features
The SMC6624M switch includes these web browser interface features:
Switch Configuration:
•Ports
•VLANs and Primary VLAN
Port monitoring (mirroring)
System information
Enable/Disable Multicast Filtering (IGMP) and Spanning Tree
•IP
•Stacking
Support URL
Switch Security:
Passwords
Authorized IP Managers
Port security and Intrusion Log
Switch Diagnostics:
•Ping/Link Test
•Device reset
Configuration report
Switch status
Port utilization
Port counters
Port status
•Alert log
Switch system information listing
Page 53
4-3
Using the Web Browser Interface
Web Browser Interface Requirements
Using the Web Browser
Interface
Web Browser Interface Requirements
You can use equipment meeting the following requirements to access the web browser interface on your intranet.
Table 4-1. System Requirements for Accessing the Web Browser Interface
Platform Entity and OS Version Minimum Recommended
PC Platform 90 MHz Pentium 120 MHz Pentium
RAM 16 Mbytes 32 Mbytes
Screen Resolution 800 X 600 1,024 x 768
Color Count 256 65,536
Internet Browser (English-language browser only)
PCs:
• Netscape® Communicator 4.x
• Microsoft® Internet Explorer 4.x
UNIX: Netscape Navigator
4.5 or later
PCs:
• Netscape Communicator 4. 5 or later
• Microsoft® Internet Explorer 5.0 or later
UNIX: Netscape Navigator 4.5 or later
PC Operating System Microsoft Windows® 95 and Windows NT
UNIX® Operating System Standard UNIX® OS
Page 54
4-4
Using the Web Browser Interface
Starting a Web Browser Interface Session with the Switch
Using the Web Browser
Interface
Starting a Web Browser Interface Session with the Switch
You can start a web browser session in the following ways:
Using a standalone web browser on a network connection from a PC or
UNIX workstation:
Directly connected to your network
Connected through remote access to your network
Using a Standalone Web Browser in a PC or UNIX Workstation
This procedure assumes that you have a supported web browser (page 4-3) installed on your PC or workstation, and that an IP address has been config­ured on the switch. (For more on assigning an IP address, refer to “IP Configuration” on page 5-2.)
1. Make sure the Java
TM
applets are enabled for your browser. If they are
not, do one of the following:
In Netscape 4.03, click on E
dit, Preferences..., Advanced, then select
Enable Java and Enable JavaScript options.
In Microsoft Internet Explorer 4.x, click on View, Internet O
ptions,
Security, C
ustom, [Settings] and scroll to the Java Permissions. Then
refer to the online Help for specific information on enabling the Java applets.
2. Type the IP address (or DNS name) of the switch in the browser Location
or Address field and press [Enter]. (It is not necessary to include http://.)
switch6624M [Enter](example of a DNS-type name)
10.11.12.195 [Enter] (example of an IP address)
If you are using a Domain Name Server (DNS), your device may have a name associated with it (for example, switch6624M) that you can type in the Location or Address field instead of the IP address. Using DNS names typically improves browser performance. See your network administrator for any name associated with the switch.
Page 55
4-5
Using the Web Browser Interface
Starting a Web Browser Interface Session with the Switch
Using the Web Browser
Interface
Figure 4-1. Example of Status Overview Screen
Note The above screen appears somewhat different if the switch is configured as a
stack Commander. For an example, see figure 1-3 on page 1-4.
Alert Log
First-Time Install Alert
Page 56
4-6
Using the Web Browser Interface
Tasks for Your First Web Browser Interface Session
Using the Web Browser
Interface
Tasks for Your First Web Browser Interface Session
The first time you access the web browser interface, there are three tasks that you should perform:
Review the “First Time Install” window
Set Manager and Operator passwords
Viewing the “First Time Install” Window
When you access the switch’s web browser interface for the first time, the Alert log contains a “First Time Install” alert, as shown in figure 4-2. This gives you information about first time installations, and provides an immediate opportunity to set passwords for security.
Double click on First Time Install in the Alert log (figure 4-1 on page 4-5). The web browser interface then displays the “First Time Install” window, below.
Figure 4-2. First-Time Install Window
Page 57
4-7
Using the Web Browser Interface
Tasks for Your First Web Browser Interface Session
Using the Web Browser
Interface
This window is the launching point for the basic configuration you need to perform to set web browser interface passwords to maintain security.
To set web browser interface passwords, click on secure access to the device to display the Device Passwords screen, and then go to the next page. (You can also access the password screen by clicking on the Security tab.)
Creating User Names and Passwords in the Browser Interface
You may want to create both a user name and password to create access security for your switch. There are two levels of access to the interface that can be controlled by setting user names and passwords:
Operator. An Operator-level user name and password allows read-only
access to most of the web browser interface, but prevents access to the Security window.
Manager. A Manager-level user name and password allows full read/
write access to the web browser interface.
Figure 4-3. The Device Passwords Window
Page 58
4-8
Using the Web Browser Interface
Tasks for Your First Web Browser Interface Session
Using the Web Browser
Interface
To set the passwords:
1. Access the Device Passwords screen by one of the following methods:
If the Alert Log includes a “First Time Install” event entry, double click on this event, then, in the resulting display, click on the secure access to the device link.
Select the Security tab.
2. Click in the appropriate box in the Device Passwords window and enter user names and passwords. You will be required to repeat the password strings in the confirmation boxes.
Both the user names and passwords can be up to 16 printable ASCII characters.
3. Click on [Apply Changes] to activate the user names and passwords.
Note Passwords you assign in the web browser interface will overwrite previous
passwords assigned in either the web browser interface, the Command Prompt, or the switch console. That is, the most recently assigned passwords are the switch’s passwords, regardless of which interface was used to assign the string.
Using the Passwords
Figure 4-4. Example of the Password Window in the Web Browser Interface
The manager and operator passwords are used to control access to all switch interfaces. Once set, you will be prompted to supply the password every time you try to access the switch through any of its interfaces. The password you enter determines the capability you have during that session:
Entering the manager password gives you full read/write capabilities
Page 59
4-9
Using the Web Browser Interface
Tasks for Your First Web Browser Interface Session
Using the Web Browser
Interface
Entering the operator password gives you read and limited write capabil-
ities.
Using the User Names
If you also set user names in the web browser interface screen, you must supply the correct user name for web browser interface access. If a user name has not been set, then leave the User Name field in the password window blank.
Note that the Command Prompt and switch console interfaces use only the password, and do not prompt you for the User Name.
If You Lose a Password
If you lose the passwords, you can clear them by pressing the Clear button on the front of the switch. This action deletes all password and user name
protection from all of the switch’s interfaces.
The Clear button is provided for your convenience, but its presence means that if you are concerned with the security of the switch configuration and operation, you should make sure the switch is installed in a secure location, such as a locked wiring closet.
Page 60
4-10
Using the Web Browser Interface
Support/Mgmt URL Feature
Using the Web Browser
Interface
Support/Mgmt URL Feature
The Support/Mgmt URL window enables you to change the World Wide Web Universal Resource Locator (URL) for a support information site for your switch.
Figure 4-5. The Default Support/Mgmt URLs Window
Support URL
This is the site that the switch accesses when you click on the Support tab on the web browser interface.
You can enter the URL for a local site that you use for entering reports about network performance, or whatever other function you would like to be able to easily access by clicking on the [Support] tab.
3. Enter URL for the support information source you want the switch to access when you click on the web browser interface Support tab.
1. Click Here
2. Click Here
4. Click on Apply Changes
Page 61
4-11
Using the Web Browser Interface
Status Reporting Features
Using the Web Browser
Interface
Status Reporting Features
Browser elements covered in this section include:
The Overview window (below)
Port utilization and status (page )
The Alert log (page )
The Status bar (page )
The Overview Window
The Overview Window is the home screen for any entry into the web browser interface.The following figure identifies the various parts of the screen.
Figure 4-6. The Overview Window
Port Utiliza­tion Graphs
(page 4-12)
Active Tab
Active Button
Alert Log
(page 4-15)
Port Status Indicators
(page 4-14)
Button Bar
Tab Bar
Status Bar
(page 4-17)
Alert Log Control Bar
Page 62
4-12
Using the Web Browser Interface
Status Reporting Features
Using the Web Browser
Interface
The Port Utilization and Status Displays
The Port Utilization and Status displays show an overview of the status of the switch and the amount of network activity on each port. The following figure shows a sample reading of the Port Utilization and Port Status.
Figure 4-7. The Graphs Area
Port Utilization
The Port Utilization bar graphs show the network traffic on the port with a breakdown of the packet types that have been detected (unicast packets, non­unicast packets, and error packets). The Legend identifies traffic types and their associated colors on the bar graph:
% Unicast Rx & All Tx: This is all unicast traffic received and all
transmitted traffic of any type. This indicator (a blue color on many systems) can signify either transmitted or received traffic.
% Non-Unicast Pkts Rx: All multicast and broadcast traffic received by
the port. This indicator (a gold color on many systems) enables you to know “at-a-glance” the source of any non-unicast traffic that is causing high utilization of the switch. For example, if one port is receiving heavy broadcast or multicast traffic, all ports will become highly utilized. By color-coding the received broadcast and multicast utilization, the bar graph quickly and easily identifies the offending port. This makes it faster and easier to discover the exact source of the heavy traffic because you don’t have to examine port counter data from several ports.
% Error Pkts Rx: All error packets received by the port. (This indicator
is a reddish color on many systems.) Although errors received on a port are not propagated to the rest of the network, a consistently high number of errors on a specific port may indicate a problem on the device or network segment connected to the indicated port.
Port Status Indicators
Port Utilization Bar Graphs
Bandwidth Display Control
Legend
Page 63
4-13
Using the Web Browser Interface
Status Reporting Features
Using the Web Browser
Interface
Maximum Activity Indicator: As the bars in the graph area change
height to reflect the level of network activity on the corresponding port, they leave an outline to identify the maximum activity level that has been observed on the port.
Utilization Guideline. A network utilization of 40% is considered the maximum that a typical Ethernet-type network can experience before encoun­tering performance difficulties. If you observe utilization that is consistently higher than 40% on any port, click on the Port Counters button to get a detailed set of counters for the port.
To change the amount of bandwidth the Port Utilization bar graph shows. Click on the bandwidth display control button in the upper left corner
of the graph. (The button shows the current scale setting, such as 40%.) In the resulting menu, select the bandwidth scale you want the graph to show (3%, 10%, 25%, 40%, 75%, or 100%), as shown in figure 3-7.
Note that when viewing activity on a gigabit port, you may want to select a lower value (such as 3% or 10%). This is because the bandwidth utilization of current network applications on gigabit links is typically minimal, and may not appear on the graph if the scale is set to show high bandwidth utilization.
Figure 4-8. Changing the Graph Area Scale
To display values for each graph bar. Hold the mouse cursor over any of the bars in the graph, and a pop-up display is activated showing the port identification and numerical values for each of the sections of the bar, as shown in figure 4-9 (next).
Figure 4-9. Display of Numerical Values for the Bar
Page 64
4-14
Using the Web Browser Interface
Status Reporting Features
Using the Web Browser
Interface
Port Status
Figure 4-10. The Port Status Indicators and Legend
The Port Status indicators show a symbol for each port that indicates the general status of the port. There are four possible statuses:
Port Connected – the port is enabled and is properly connected to an
active network device.
Port Not Connected – the port is enabled but is not connected to an
active network device. A cable may not be connected to the port, or the device at the other end may be powered off or inoperable, or the cable or connected device could be faulty.
Port Disabled – the port has been configured as disabled through the
web browser interface, the switch console, or SNMP network manage­ment.
Port Fault-Disabled – a fault condition has occurred on the port that
has caused it to be auto-disabled. Note that the Port Fault-Disabled symbol will be displayed in the legend only if one or more of the ports is in that status. See chapter 7, “Monitoring and Analyzing Switch Operation” for more information.
Port Status Indicators
Legend
Page 65
4-15
Using the Web Browser Interface
Status Reporting Features
Using the Web Browser
Interface
The Alert Log
The web browser interface Alert Log, shown in the lower half of the screen, shows a list of network occurrences, or alerts, that were detected by the switch. Typical alerts are Broadcast Storm, indicating an excessive number of broadcasts received on a port, and Problem Cable, indicating a faulty cable. A full list of alerts is shown in the table on page 4-16.
Figure 4-11. Example of the Alert Log
Each alert has the following fields of information:
Status – The level of severity of the event generated. Severity levels can
be Information, Normal, Warning, and Critical. If the alert is new (has not yet been acknowledged), the New symbol is also in the Status column.
Alert – The specific event identification.
Date/Time – The date and time the event was received by the web
browser interface. This value is shown in the format: DD-MM-YY HH:MM:SS AM/PM, for example, 16-Sep-99 7:58:44 AM.
Description – A short narrative statement that describes the event. For
example, Excessive CRC/Alignment errors on port: 8.
Sorting the Alert Log Entries
The alerts are sorted, by default, by the Date/Time field with the most recent alert listed at the top of the list. The second most recent alert is displayed below the top alert and so on. If alerts occurred at the same time, the simultaneous alerts are sorted by order in which they appear in the MIB.
The alert field that is being used to sort the alert log is indicated by which column heading is in bold. You can sort by any of the other columns by clicking on the column heading. The Alert and Description columns are sorted alpha­betically, while the Status column is sorted by severity type, with more critical severity indicators appearing above less critical indicators.
Page 66
4-16
Using the Web Browser Interface
Status Reporting Features
Using the Web Browser
Interface
Alert Types
The following table lists the types of alerts that can be generated.
Table 4-2. Alert Strings and Descriptions
Alert String Alert Description
First Time Install Important installation information for your switch.
Too many undersized/ giant packets
A device connected to this port is transmitting packets shorter than 64 bytes or longer than 1518 bytes (longer than 1522 bytes if tagged), with valid CRCs (unlike runts, which have invalid CRCs).
Excessive jabbering A device connected to this port is incessantly transmitting packets (“jabbering”), detected as
oversized packets with CRC errors.
Excessive CRC/alignment errors
A high percentage of data errors has been detected on this port. Possible causes include:
• Faulty cabling or invalid topology.
• Duplex mismatch (full-duplex configured on one end of the link, half-duplex configured on the other)
• A malfunctioning NIC, NIC driver, or module
Excessive late collisions Late collisions (collisions detected after transmitting 64 bytes) have been detected on this
port. Possible causes include:
• An overextended LAN topology
• Duplex mismatch (full-duplex configured on one end of the link, half-duplex configured on the other)
• A misconfigured or faulty device connected to the port
High collision or drop rate A large number of collisions or packet drops have occurred on the port. Possible causes
include:
• A extremely high level of traffic on the port
• Duplex mismatch
• A misconfigured or malfunctioning NIC or module on a device connected to this port
• A topology loop in the network
Excessive broadcasts An extremely high percentage of broadcasts was received on this port. This degrades the
performance of all devices connected to the port. Possible causes include:
• A network topology loop—this is the usual cause
• A malfunctioning device, NIC, NIC driver, or software package
Network Loop Network loop has been detected by the switch.
Loss of Link Lost connection to one or multiple devices on the port.
Loss of stack member The Commander has lost the connection to a stack member.
Security violation A security violation has occurred.
Page 67
4-17
Using the Web Browser Interface
Status Reporting Features
Using the Web Browser
Interface
Note When troubleshooting the sources of alerts, it may be helpful to check the
switch’s Port Status and Port Counter windows and the Event Log in the console interface.
Viewing Detail Views of Alert Log Entries
By double clicking on Alert Entries, the web browser interface displays a Detail View or separate window detailing information about the events. The Detail View contains a description of the problem and a possible solution. It also provides four management buttons:
Acknowledge Event – removes the New symbol from the log entry
Delete Event – removes the alert from the Alert Log
Cancel Button – closes the detail view with no change to the status of
the alert and returns you to the Overview screen.
The Status Bar
The Status Bar is displayed in the upper left corner of the web browser interface screen. Figure 4-12 shows an expanded view of the status bar.
Figure 4-12. Example of the Status Bar
The Status bar consists of four objects:
Status Indicator. Indicates, by icon, the severity of the most critical alert
in the current display of the Alert Log. This indicator can be one of three shapes and colors as shown in the following table.
Status Indicator
Most Critical Alert Description
Product Name
Page 68
4-18
Using the Web Browser Interface
Status Reporting Features
Using the Web Browser
Interface
Table 4-3. Status Indicator Key
System Name. The name you have configured for the switch by using
Identity screen, system name command, or the switch console System Information screen.
Most Critical Alert Description. A brief description of the earliest,
unacknowledged alert with the current highest severity in the Alert Log, appearing in the right portion of the Status Bar. In instances where multiple critical alerts have the same severity level, only the earliest unacknowledged alert is deployed in the Status bar.
Product Name. The product name of the switch to which you are
connected in the current web browser interface session.
Color Switch Status Status Indicator Shape
Blue Normal Activity; "First time installation"
information available in the Alert log.
Green Normal Activity
Yellow Warning
Red Critical
Page 69
5-1
Configuring IP Addressing,
Time Synchronization,
5
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
This chapter describes the switch configuration features available in the menu interface, CLI and web browser interface. For help on how to use these interfaces, refer to:
Chapter 2, “Using the Menu Interface”
Chapter 3, “Using the Command Line Interface (CLI)”
Chapter 4, Using the Web Browser Interface”
Why Configure IP Addressing? In its factory default configuration, the switch operates as a multiport learning bridge with network connectivity provided by the ports on the switch. However, to enable specific management access and control through your network, you will need IP addressing. (See table 5-1 on page 5-9.)
Why Configure Time Synchronization? Using time synchronization ensures a uniform time among interoperating devices. This helps you to manage and troubleshoot switch operation by attaching meaningful time data to event and error messages.
Why Configure Interface Access and System Information? The inter­face access features in the switch operate properly by default. However, you can modify or disable access features to suit your particular needs. Similarly, you can choose to leave the system information parameters at their default settings. However, using these features can help you to more easily manage a group of devices across your network.
Page 70
5-2
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
IP Configuration
Configuring IP Addressing,
Time Synchronization,
IP Configuration
IP Configuration Features
IP Address and Subnet Mask. Configuring the switch with an IP address
expands your ability to manage the switch and use its features. By default, the switch is configured to automatically receive IP addressing on the default VLAN from a DHCP/Bootp server that has been configured correctly with information to support the switch. (Refer to “DHCP/Bootp Operation” on page 5-9 for information on setting up automatic configuration from a server.) However, if you are not using a DHCP/Bootp server to configure IP addressing, use the menu interface or the CLI to manually configure the initial IP values. After you have network access to a device, you can use the web browser interface to modify the initial IP configuration if needed.
For information on how IP addressing affects switch performance, refer to “How IP Addressing Affects Switch Operation” on page 5-8.
Default Gateway Operation. The default gateway is required when a router is needed for tasks such as reaching off-subnet destinations or forward­ing traffic across multiple VLANs. The gateway value is the IP address of the next-hop gateway node for the switch, which is used if the requested destina­tion address is not on a local subnet/VLAN. If the switch does not have a manually-configured default gateway and DHCP/Bootp is configured on the primary VLAN, then the default gateway value provided by the DHCP or Bootp server will be used. If the switch has a manually configured default gateway, then the switch uses this gateway, even if a different gateway is received via DHCP or Bootp on the primary VLAN. See “Notes” on page 5-3 and “Which VLAN Is Primary?” on page 9-50.
Packet Time-To-Live (TTL). This parameter specifies how long in seconds an outgoing packet should exist in the network. In most cases, the default setting (64 seconds) is adequate.
Feature Default Menu CLI Web
IP Address and Subnet Mask DHCP/Bootp page 5-4 page 5-6 page 5-8
Default Gateway Address none page 5-4 page 5-6 page 5-8
Packet Time-To-Live (TTL) 64 seconds page 5-4 page 5-6 n/a
Page 71
5-3
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
IP Configuration
Configuring IP Addressing,
Time Synchronization,
Just Want a Quick Start?
If you just want to give the switch an IP address so that it can communicate on your network, or if you are not using VLANs, SMC recommends that you use the Switch Setup screen to quickly configure IP addressing. To do so, do one of the following:
Enter setup at the CLI Manager level prompt.
SMC6624M# setup
Select 8. Run Setup in the Main Menu of the menu interface.
For more on using the Switch Setup screen, see the Installation Guide you received with the switch.
IP Addressing with Multiple VLANs
In the factory-default configuration, the switch has one, permanent default VLAN (named DEFAULT_VLAN) that includes all ports on the switch. In this state, when you assign an IP address and subnet mask to the switch, you are actually assigning the IP addressing to the DEFAULT_VLAN. You can rename the DEFAULT_VLAN, but you cannot change its VLAN ID number (VID) or remove it from the switch.
Notes If multiple VLANs are configured, then each VLAN can have its own IP
address. This is because each VLAN operates as a separate broadcast domain and requires a unique IP address and subnet mask. A default gateway (IP) address for the switch is optional, but recommended. The primary VLAN is the VLAN used for stacking operation, as well as for determining the default gateway address, (packet) Time-To-Live (TTL), and Timep via DHCP or Bootp. (Other VLANs can also use DHCP or BootP to acquire IP addressing. However, the switch’s gateway, TTL, and TimeP values will be acquired through the primary VLAN only. In the default configuration, the default VLAN (named DEFAULT_VLAN) is the switch’s primary VLAN.However, with multiple VLANs assigned to the switch, you can select another VLAN to function as the primary VLAN. For more on VLANs, refer to “Port-Based Virtual LANs (Static VLANs)” on page 9-47.
The IP addressing used in the switch should be compatible with your
network. That is, the IP address must be unique and the subnet mask must be appropriate for the IP network.
If you plan to connect to other networks that use globally administered
IP addresses, refer to “Globally Assigned IP Network Addresses” on page 5-13.
Page 72
5-4
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
IP Configuration
Configuring IP Addressing,
Time Synchronization,
The switch searches for the default gateway device through the primary
VLAN. By default, the DEFAULT_VLAN is the switch’s primary VLAN. However, you can use the CLI to select a different primary VLAN if more than one VLAN exists on the switch. For more information, see “Port­Based Virtual LANs (Static VLANs)” on page 9-47.
If you change the IP address through either Telnet access or the web
browser interface, the connection to the switch will be lost. You can reconnect by either restarting Telnet with the new IP address or entering the new address as the URL in your web browser.
IP Addressing in a Stacking Environment
If you are installing the switch into a stack management environment, entering an IP address may not be required. See “Stack Management” on page 9-2 for more information.
Menu: Configuring IP Address, Gateway, and Time-To­Live (TTL)
Do one of the following:
To manually enter an IP address, subnet mask, set the IP Config parameter
to Manual and then manually enter the IP address and subnet mask values you want for the switch.
To use DHCP or Bootp, use the menu interface to ensure that the IP Config
parameter is set to DHCP/Bootp, then refer to “DHCP/Bootp Operation” on page 5-9.
Page 73
5-5
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
IP Configuration
Configuring IP Addressing,
Time Synchronization,
To Configure IP Addressing.
1. From the Main Menu, Select.
2. Switch Configuration ...
5. IP Configuration
Note If multiple VLANs are configured, a screen showing all VLANs appears instead
of the following screen.
Figure 5-1. Example of the IP Service Configuration Screen without Multiple VLANs Configured
2. Press [E] (for Edit).
3. If the switch needs to access a router, for example, to reach off-subnet
destinations, select the Default Gateway field and enter the IP address of the gateway router.
4. If you need to change the packet Time-To-Live (TTL) setting, select Default TTL and type in a value between 2 and 255 (seconds).
5. Do one of the following:
If you want to have the switch retrieve its IP configuration from a
DHCP or Bootp server, at the IP Config field, keep the value as DHCP/ Bootp and go to step 8.
For descriptions of these parameters, see the online Help for this screen.
Before using the DHCP/ Bootp option, refer to “DHCP/Bootp Operation” on page 5-9.
Page 74
5-6
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
IP Configuration
Configuring IP Addressing,
Time Synchronization,
If you want to manually configure the IP information, use the Space
bar to select Manual and use the [Tab] key to move to the other IP configuration fields.
6. Select the IP Address field and enter the IP address for the switch.
7. Select the Subnet Mask field and enter the subnet mask for the IP address.
8. Press [Enter], then [S] (for S
ave).
CLI: Configuring IP Address, Gateway, and Time-To­Live (TTL)
IP Commands Used in This Section
Viewing the Current IP Configuration. The following command displays the IP addressing for each VLAN configured in the switch. If only the DEFAULT_VLAN exists, then its IP configuration applies to all ports in the switch. Where multiple VLANs are configured, the IP addressing is listed per VLAN. The display includes switch-wide packet time-to-live, and (if config­ured) the switch’s default gateway and Timep configuration.
Syntax: show ip
For example, in the factory-default configuration (no IP addressing assigned), the switch’s IP addressing appears as:
Figure 5-2. Example of the Switch’s Default IP Addressing
show ip page 5-6
vlan <vlan-id> ip address
page 5-7
ip default-gateway page 5-8
ip ttl page 5-8
The Default IP Configuration on the SMC6624M
SMC6624M# show ip
Internet (IP) Service
Default Gateway : Default TTL : 64
VLAN | IP Config IP Address Subnet Mask
------------ + ---------- --------------- --------------­DEFAULT_VLAN | DHCP/Bootp
Page 75
5-7
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
IP Configuration
Configuring IP Addressing,
Time Synchronization,
With multiple VLANs and some other features configured, show ip provides additional information:
Figure 5-3. Example of Show IP Listing with Non-Default IP Addressing Configured
(If DHCP/Bootp acquires an IP address and Subnet Mask for VLAN_2, they will appear in the appropriate columns.)
Configure an IP Address and Subnet Mask. The following command includes both the IP address and the subnet mask. You must either include the ID of the VLAN for which you are configuring IP addressing or go to the context configuration level for that VLAN. (If you are not using VLANs on the switch—that is, if the only VLAN is the default VLAN—then the VLAN ID is always “1”.)
Note The default IP address setting for the DEFAULT_VLAN is DHCP/Bootp. On
additional VLANs you create, the default IP address setting is Disabled.
Syntax: vlan <vlan-id> ip address <ip-address/mask-length>
or
vlan <vlan-id> ip address <ip-address> <mask-bits>
or
vlan <vlan-id> ip address dhcp-bootp
This example configures IP addressing on the default VLAN with the subnet mask specified in mask bits.
SMC6624M(config)# vlan 1 ip address 10.28.227.103/255.255.255.0
This example configures the same IP addressing as the preceding example, but specifies the subnet mask by mask length.
SMC6624M(config)# vlan 1 ip address 10.28.227.103/24
An SMC6624M with VLANs Configured
SMC6624M# show ip
Internet (IP) Service
Default Gateway : 10.2.64.254 Default TTL : 64
VLAN | IP Config IP Address Subnet Mask
------------ + ---------- --------------- --------------­DEFAULT_VLAN | Manual 10.2.13.15 255.255.0.0 VLAN_2 | DHCP/Bootp
Page 76
5-8
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
IP Configuration
Configuring IP Addressing,
Time Synchronization,
Configure the Optional Default Gateway. You can assign one default gateway to the switch.
Syntax: ip default-gateway <ip-address>
For example:
SMC6624M(config)# ip default-gateway 11.28.227.115
You can execute this command only from the global configuration level.
Configure Time-To-Live (TTL). This command sets the time that a packet outbound from the switch can exist on the network. The default setting is 64 seconds.
Syntax: ip ttl <number-of-seconds>
SMC6624M(config)# ip ttl 60
In the CLI, you can execute this command only from the global configuration level. The TTL range is 2 - 255 seconds.
Web: Configuring IP Addressing
You can use the web browser interface to access IP addressing only if the switch already has an IP address that is reachable through your network.
1. Click on the Configuration tab.
2. Click on [IP Configuration].
How IP Addressing Affects Switch Operation
Without an IP address and subnet mask compatible with your network, the switch can be managed only through a direct terminal device connection to the Console RS-232 port. You can use direct-connect console access to take advantage of features that do not depend on IP addressing. However, to realize the full performance capabilities proactive networking offers through the switch, configure the switch with an IP address and subnet mask compatible with your network. The following table lists the general features available with and without a network-compatible IP address configured.
Page 77
5-9
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
IP Configuration
Configuring IP Addressing,
Time Synchronization,
Table 5-1. Features Available With and Without IP Addressing on the Switch
DHCP/Bootp Operation
Overview. DHCP/Bootp is used to provide configuration data from a DHCP or Bootp server to the switch. This data can be the IP address, subnet mask, default gateway, Timep Server address, and TFTP server address. If a TFTP server address is provided, this allows the switch to TFTP a previously saved configuratin file from the TFTP server to the switch. With either DHCP or Bootp, the servers must be configured prior to the switch being connected to the network.
Note The SMC6624M switch is compatible with both DHCP and Bootp servers.
The DHCP/Bootp Process. Whenever the IP Config parameter in the switch or in an individual VLAN in the switch is configured to DHCP/Bootp (the default), or when the switch is rebooted with this configuration:
Features Available Without an IP Address Additional Proactive Networking Features Available
with an IP Address and Subnet Mask
• Direct-connect access to the CLI and the menu interface.
• Stacking Candidate or Stack Member
• DHCP or Bootp support for automatic IP address configuration, and DHCP support for automatic Timep server IP address configuration
• Spanning Tree Protocol
• Port settings and port trunking
• Console-based status and counters information for monitoring switch operation and diagnosing problems through the CLI or menu interface.
•VLANs
•GVRP
• Serial downloads of operating system (OS) updates and configuration files (Xmodem)
•Link test
• Port monitoring
• Security
• Web browser interface access, with configuration, security, and diagnostic tools, plus the Alert Log for discovering problems detected in the switch along with suggested solutions
• SNMP network management access such as EliteView network configuration, monitoring, problem­finding and reporting, analysis, and recommendations for changes to increase control and uptime
• Stacking Commander*
• Telnet access to the CLI or the menu interface
•IGMP
• SNTP/Timep configuration
• TFTP download of configurations and OS updates
•Ping test
*Although a Commander can operate without an IP address, doing so makes it unavailable for in-band access in an IP network.
Page 78
5-10
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
IP Configuration
Configuring IP Addressing,
Time Synchronization,
1. DHCP/Bootp requests are automatically broadcast on the local network. (The switch sends one type of request to which either a DHCP or Bootp server can respond.)
2. When a DHCP or Bootp server receives the request, it replies with a previously configured IP address and subnet mask for the switch. The switch also receives an IP Gateway address if the server has been config­ured to provide one. In the case of Bootp, the server must first be configured with an entry that has the MAC address of the switch. (To determine the switch’s MAC address, see appendix B, “MAC Address Management”. The switch properly handles replies from either type of server. If multiple replies are returned, the switch tries to use the first reply.)
Note If you manually configure a gateway on the switch, it will ignore any gateway
address received via DHCP or Bootp.
If the switch is initially configured for DHCP/Bootp operation (the default), or if it is rebooted with this configuration, it immediately begins sending request packets on the network. If the switch does not receive a reply to its DHCP/Bootp requests, it continues to periodically send request packets, but with decreasing frequency. Thus, if a DHCP or Bootp server is not available or accessible to the switch when DHCP/Bootp is first configured, the switch may not immediately receive the desired configuration. After verifying that the server has become accessible to the switch, reboot the switch to re-start the process immediately.
DHCP Operation. A significant difference between a DHCP configuration and a Bootp configuration is that an IP address assignment from a DHCP server is automatic. Depending on how the DHCP server is configured, the switch may receive an IP address that is temporarily leased. Periodically the switch may be required to renew its lease of the IP configuration. Thus, the IP addressing provided by the server may be different each time the switch reboots or renews its configuration from the server. However, you can fix the address assignment for the switch by doing either of the following:
Configure the server to issue an “infinite” lease.
Using the switch’s MAC address as an identifier, configure the server with
a “Reservation” so that it will always assign the same IP address to the switch. (For MAC address information, refer to appendix B, “MAC Address Management”.)
For more information on either of these procedures, refer to the documenta­tion provided with the DHCP server.
Page 79
5-11
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
IP Configuration
Configuring IP Addressing,
Time Synchronization,
Bootp Operation. When a Bootp server receives a request it searches its Bootp database for a record entry that matches the MAC address in the Bootp request from the switch. If a match is found, the configuration data in the associated database record is returned to the switch. For many Unix systems, the Bootp database is contained in the /etc/bootptab file. In contrast to DHCP operation, Bootp configurations are always the same for a specific receiving device. That is, the Bootp server replies to a request with a configuration previously stored in the server and designated for the requesting device.
Bootp Database Record Entries. A minimal entry in the Bootp table file /etc/bootptab to update an IP address and subnet mask to the switch or a VLAN configured in the switch would be similar to this entry:
6624mswitch:\
ht=ether:\ ha=0030c1123456:\ ip=10.66.77.88:\ sm=255.255.248.0:\ gw=10.66.77.1:\ hn:\ vm=rfc1048
An entry in the Bootp table file /etc/bootptab to tell the switch or VLAN where to obtain a configuration file download would be similar to this entry:
6624mswitch:\
ht=ether:\ ha=0030c1123456:\ ip=10.66.77.88:\ sm=255.255.248.0:\ gw=10.66.77.1:\ lg=10.22.33.44:\ T144=”switch.cfg”:\ vm=rfc1048
where:
6624mswitch is a user-defined symbolic name to help you find the correct section of the
bootptab file. If you have multiple switches that will be using Bootp to get their IP configuration, you should use a unique symbolic name for each switch.
ht is the “hardware type”. For the SMC6624M, set this to ether (for Ethernet). This
tag must precede the ha tag.
ha is t he “hardware address”. U se the switch's (or VL AN's) 12-digit MAC add ress.
ip is the IP address to be assigned to the switch (or VLAN).
sm is the subnet mask of the subnet in which the switch (or VLAN) is installed.
Page 80
5-12
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
IP Configuration
Configuring IP Addressing,
Time Synchronization,
Note The above Bootp table entry is a sample that will work for the SMC6624M
when the appropriate addresses and file names are used.
Network Preparations for Configuring DHCP/Bootp
In its default configuration, the switch is configured for DHCP/Bootp opera­tion. However, the DHCP/Bootp feature will not acquire IP addressing for the switch unless the following tasks have already been completed:
For Bootp operation:
A Bootp database record has already been entered into an appropriate
Bootp server.
The necessary network connections are in place
The Bootp server is accessible from the switch
For DHCP operation:
A DHCP scope has been configured on the appropriate DHCP server.
The necessary network connections are in place
A DHCP server is accessible from the switch
Note Designating a primary VLAN other than the default VLAN affects the switch’s
use of information received via DHCP/Bootp. For more on this topic, see “Which VLAN Is Primary?” on page 9-50.
After you reconfigure or reboot the switch with DHCP/Bootp enabled in a network providing DHCP/Bootp service, the switch does the following:
Receives an IP address and subnet mask and, if configured in the server,
a gateway IP address and the address of a Timep server.
If the DHCP/Bootp reply provides information for downloading a config-
uration file, the switch uses TFTP to download the file from the designated source, then reboots itself. (This assumes that the switch or VLAN has connectivity to the TFTP file server specified in the reply, that the config­uration file is correctly named, and that the configuration file exists in the TFTP directory.)
gw is the IP address of the default gateway.
lg TFTP server address (source of final configuration file)
T144 is the vendor-specific “tag” identifying the configuration file to download.
vm is a required entry that specifies the Bootp report format. For the SMC6624M,
set this parameter to rfc1048.
Page 81
5-13
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
IP Configuration
Configuring IP Addressing,
Time Synchronization,
Globally Assigned IP Network Addresses
If you intend to connect your network to other networks that use globally administered IP addresses, SMC strongly recommends that you use IP addresses that have a network address assigned to you. There is a formal process for assigning unique IP addresses to networks worldwide. For more information:
Please contact your internet service provider (ISP).
If you need more information than your ISP can provide, contact one of the following organizations:
For more information, refer to Internetworking with TCP/IP: Principles, Protocols and Architecture by Douglas E. Comer (Prentice-Hall, Inc., publisher).
Country Phone Number/E-Mail/URL Company Name/Address
United States/ Countries not in Europe or Asia/Pacific
1-310-823-9358 icann@icann.org http://www.iana.org
The Internet Corporation for Assigned Names and Numbers (ICANN)
4676 Admiralty Way, Suite 330 Marina Del Rey, CA 90292 USA
Europe +31 20 535 4444
ncc@ripe.net http://www.ripe.net
RIPE NCC Singel 258 1016 AB Amsterdam The Netherlands
Asia/Pacific +61-7-3367-0490
info@apnic.net http://www.apnic.net
Attention: IN-ADDR.ARPA Registration Asia Pacific Network Information Center Level 1, 33 Park Road PO Box 2131 Milton, QLD 4064 Australia
Page 82
5-14
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
Time Synchronization Protocol Options
TimeP Time Synchronization
You can either manually assign the switch to use a TimeP server or use DHCP to assign the TimeP server. In either case, the switch can get its time synchro­nization updates from only one, designated Timep server. This option enhances security by specifying which time server to use.
SNTP Time Synchronization
SNTP (Simple Network Time Protocol) provides two operating modes:
Broadcast Mode: The switch acquires time updates by accepting the
time value from the first SNTP time broadcast detected. (In this case, the SNTP server must be configured to broadcast time updates to the network broadcast address. Refer to the documentation provided with your SNTP server application.) Once the switch detects a partic­ular server, it ignores time broadcasts from other SNTP servers unless the configurable Poll Interval expires three consecutive times without an update received from the first-detected server.
Note To use Broadcast mode, the switch and the SNTP server must be in the same
subnet.
Unicast Mode: The switch requests a time update from the config-
ured SNTP server. (You can configure one server using the menu interface, or up to three servers using the CLI sntp server command.) This option provides increased security over the Broadcast mode by specifying which time server to use instead of using the first one detected through a broadcast.
Page 83
5-15
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
Overview: Selecting a Time Synchronization Protocol or Turning Off Time Protocol Operation
General Steps for Running a Time Protocol on the Switch:
1. Select the time synchronization protocol: SNTP or TimeP (the default).
2. Enable the protocol. The choices are:
SNTP: Broadcast or Unicast
•TimeP: DHCP or Manual
3. Configure the remaining parameters for the time protocol you selected.
The switch retains the parameter settings for both time protocols even if you change from one protocol to the other. Thus, if you select a time protocol the switch uses the parameters you last configured for the selected protocol.
Note that simply selecting a time synchronization protocol does not enable that protocol on the switch unless you also enable the protocol itself (step 2, above). For example, in the factory-default configuration, TimeP is the selected time synchronization method. However, because TimeP is disabled in the factory-default configuration, no time synchronization protocol is run­ning.
Disabling Time Synchronization
You can use either of the following methods to disable time synchronization without changing the Timep or SNTP configuration:
In the System Information screen of the Menu interface, set the Time Sync
Method parameter to None, then press [Enter], then [S] (for Save).
In the config level of the CLI, execute no timesync.
Page 84
5-16
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
SNTP: Viewing, Selecting, and Configuring
SNTP Features
Table 5-2. SNTP Parameters
Feature Default Menu CLI Web
view the SNTP time synchronization configuration n/a page 5-17 page 5-19
select SNTP as the time synchronization method timep page 5-17 pages 5-20 ff. —
disable time synchronization timep page 5-17 page 5-23
enable the SNTP mode (Broadcast, Unicast, or Disabled) disabled
broadcast n/a page 5-17 page 5-20
unicast n/a page 5-18 page 5-21
none/disabled n/a page 5-17 page 5-24
configure an SNTP server address (for Unicast mode only) none page 5-18 pages 5-21 ff. —
change the SNTP server version (for Unicast mode only) 3 page 5-18 page 5-23
change the SNTP poll interval 720 seconds page 5-18 page 5-23
SNTP Parameter Operation
Time Sync Method Used to select either SNTP, TIMEP, or None as the time synchronization method.
SNTP Mode
Disabled The Default. SNTP does not operate, even if specified by the Menu interface Time Sync Method
parameter or the CLI timesync command.
Unicast Directs the switch to poll a specific server for SNTP time synchronization. Requires at least one
server address.
Broadcast Directs the switch to acquire its time synchronization from data broadcast by any SNTP server to
the network broadcast address. The switch uses the first server detected and ignores any others. However, if the Poll Interval expires three times without the switch detecting a time update from the original server, it the the switch accepts a broadcast time update from the next server it detects.
Poll Interval (seconds)
In Unicast Mode: Specifies how often the switch polls the designated SNTP server for a time update. In Broadcast Mode: Specifies how often the switch polls the network broadcast address for a time
update.
Server Address Used only when the SNTP Mode is set to Unicast. Specifies the IP address of the SNTP server that
the switch accesses for time synchronization updates. You can configure up to three servers; one using the menu or CLI, and two more using the CLI. See “SNTP Unicast Time Polling with Multiple SNTP Servers” on page 5-32.
Server Version Default: 3; range: 1 - 7. Specifies the SNTP software version to use, and is assigned on a per-server
basis. The version setting is backwards-compatible. For example, using version 3 means that the switch accepts versions 1 through 3.
Page 85
5-17
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
Menu: Viewing and Configuring SNTP
To View, Enable, and Modify SNTP Time Protocol:
1. From the Main Menu, select:
2. Switch Configuration...
1. System Information
Figure 5-4. The System Information Screen (Default Values)
2. Press [E] (for
Edit). The cursor moves to the System Name field.
3. Use [v] to move the cursor to the Time Sync Method field.
4. Use the Space bar to select SNTP, then press [v] once to display and move to the SNTP Mode field.
5. Do one of the following:
Use the Space bar to select the Broadcast mode, then press [v] to move
the cursor to the Poll Interval field, and go to step 6. (For Broadcast mode details, see “SNTP Operating Modes” on page 5-14.)
Time Protocol Selection Parameter
– TIMEP –SNTP –None
Page 86
5-18
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
Use the Space bar to select the Unicast mode, then do the following:
i. Press [>] to move the cursor to the Server Address field.
ii. Enter the IP address of the SNTP server you want the switch to
use for time synchronization.
Note: This step replaces any previously configured server IP address. If you will be using backup SNTP servers (requires use of the CLI), then see “SNTP Unicast Time Polling with Multiple SNTP Servers” on page 5-32.
iii. Press [v] to move the cursor to the Server Version field. Enter the
value that matches the SNTP server version running on the device you specified in the preceding step (step ii). If you are unsure which version to use, SMC recommends leaving this value at the default setting of 3 and testing SNTP operation to determine whether any change is necessary.
Note: Using the menu to enter the IP address for an SNTP server when the switch already has one or more SNTP servers config­ured causes the switch to delete the primary SNTP server from the server list and to select a new primary SNTP server from the IP address(es) in the updated list. For more on this topic, see “SNTP Unicast Time Polling with Multiple SNTP Servers” on page 5-32.
iv. Press [>] to move the cursor to the Poll Interval field, then go to
step 6.
6. In the Poll Interval field, enter the time in seconds that you want for a Poll Interval. (For Poll Interval operation, see table 2, “SNTP Parameters”, on page 5-16.)
7. Press [Enter] to return to the Actions line, then [S] (for Save) to enter the new time protocol configuration in both the startup-config and running­config files.
Page 87
5-19
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
CLI: Viewing and Configuring SNTP
CLI Commands Described in this Section
This section describes how to use the CLI to view, enable, and configure SNTP parameters.
Viewing the Current SNTP Configuration.
This command lists both the time synchronization method (TimeP, SNTP, or None) and the SNTP configuration, even if SNTP is not the selected time protocol.
Syntax: show sntp
For example, if you configured the switch with SNTP as the time synchroni­zation method, then enabled SNTP in broadcast mode with the default poll interval, show sntp lists the following:
Figure 3. Example of SNTP Configuration When SNTP Is the Selected Time Synchronization Method
In the factory-default configuration (where TimeP is the selected time syn­chronization method ), show sntp still lists the SNTP configuration even though it is not currently in use. For example:
show sntp page 5-19
[no] timesync pages 5-20 and ff., 5-23
sntp broadcast page 5-20
sntp unicast page 5-21
sntp server pages 5-21 and ff.
Protocol Version page 5-23
poll-interval page 5-23
no sntp page 5-24
SMC6624M# show sntp
SNTP Configuration
Time Sync Mode: Sntp SNTP Mode : Broadcast Poll Interval (sec) [720] : 720
Page 88
5-20
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
Figure 5-5. Example of SNTP Configuration When SNTP is Not the Selected Time Synchronization Method
Configuring (Enabling or Disabling) the SNTP Mode.
Enabling the SNTP mode means to configure it for either broadcast or unicast mode. Remember that to run SNTP as the switch’s time synchronization protocol, you must also select SNTP as the time synchronization method by using the CLI timesync command (or the Menu interface Time Sync Method parameter).
Syntax: timesync sntp Selects SNTP as the time protocol.
sntp < broadcast | unicast > Enables the SNTP mode (below and
page 5-21).
sntp server < ip-addr> Required only for unicast mode
(page 5-21).
sntp poll-interval < 30 . . 720> Enabling the SNTP mode also
enables the SNTP poll interval (default: 720 seconds; page 5-23).
Enabling SNTP in Broadcast Mode. Because the switch provides an SNTP polling interval (default: 720 seconds), you need only these two commands for minimal SNTP broadcast configuration:
Syntax: timesync sntp Selects SNTP as the time
synchronization method.
sntp broadcast Configures Broadcast as the SNTP
mode.
For example, suppose:
Time synchronization is in the factory-default configuration (TimeP is the
currently selected time synchronization method).
SMC6624M# show sntp
SNTP Configuration
Time Sync Mode: Timep SNTP Mode : Broadcast Poll Interval (sec) [720] : 720
Even though, in this example, TimeP is the current time synchronous method, the switch maintains the SNTP configuration.
Page 89
5-21
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
You want to:
1. View the current time synchronization.
2. Select SNTP as the time synchronization mode.
3. Enable SNTP for Broadcast mode.
4. View the SNTP configuration again to verify the configuration.
The commands and output would appear as follows:
Figure 5-6. Example of Enabling SNTP Operation in Broadcast Mode
Enabling SNTP in Unicast Mode. Like broadcast mode, configuring SNTP for unicast mode enables SNTP. However, for Unicast operation, you must also specify the IP address of at least one SNTP server. The switch allows up to three unicast servers. You can use the Menu interface or the CLI to configure one server or to replace an existing Unicast server with another. To add a second or third server, you must use the CLI. For more on SNTP operation with multiple servers, see “SNTP Unicast Time Polling with Multiple SNTP Servers” on page 5-32.
Syntax: timesync sntp Selects SNTP as the time
synchronization method.
sntp unicast Configures the SNTP mode for
Unicast operation.
sntp server <ip-addr> [version] Specifies the SNTP server. The
default server version is 3
.
no sntp server <ip-addr> Deletes the specified SNTP
server.
SMC6624M(config)# show sntp
SNTP Configuration
Time Sync Mode: Timep SNTP Mode : disabled Poll Interval (sec) [720] : 720
SMC6624M(config)# timesync sntp SMC6624M(config)# sntp broadcast SMC6624M(config)# show sntp
SNTP Configuration
Time Sync Mode: Sntp SNTP Mode : Broadcast Poll Interval (sec) [720] : 720
show sntp displays the SNTP configuration and also shows that TimeP is the currently active time synchronization mode.
1
2
3
show sntp again displays the SNTP configuration and shows that
SNTP is now the currently active time synchronization mode and is configured for broadcast operation.
4
Page 90
5-22
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
Note Deleting an SNTP server when only one is configured disables SNTP unicast
operation.
For example, to select SNTP and configure it with unicast mode and an SNTP server at 10.28.227.141 with the default server version (3) and default poll interval (720 seconds):
SMC6624M(config)# timesync sntp Selects SNTP. SMC6624M(config)# sntp unicast Activates SNTP in Unicast
mode.
SMC6624M(config)# sntp server 10.28.227.141
Specifies the SNTP server and accepts the current SNTP server version (default: 3)
.
Figure 5-7. Example of Configuring SNTP for Unicast Operation
If the SNTP server you specify uses SNTP version 4 or later, use the sntp server command to specify the correct version number. For example, suppose you learned that SNTP version 4 was in use on the server you specified above (IP address 10.28.227.141). You would use the following commands to delete the server IP address and then re-enter it with the correct version number for that server:
SMC6624M(config)# show sntp
SNTP Configuration
Time Sync Mode: Sntp SNTP Mode : Unicast Poll Interval (sec) [720] : 720
IP Address Protocol Version
-------------- ----------------
10.28.227.141 3
In this example, the Poll Interval and the Protocol Versi on appear at their default settings.
Note: Protocol Version appears only when there is an
IP address configured for an SNTP server.
Page 91
5-23
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
Figure 5-8. Example of Specifying the SNTP Protocol Version Number
Changing the SNTP Poll Interval. This command lets you specify how long the switch waits between time polling intervals. The default is 720 seconds and the range is 30 to 720 seconds. (This parameter is separate from the poll interval parameter used for Timep operation.)
Syntax: sntp poll-interval <30 . . 720>
For example, to change the poll interval to 300 seconds:
SMC6624M(config)# sntp poll-interval 300
Disabling Time Synchronization Without Changing the SNTP Configuration. The recommended method for disabling time synchroniza-
tion is to use the timesync command. This halts time synchronization without changing your SNTP configuration.
Syntax: no timesync
For example, suppose SNTP is running as the switch’s time synchronization protocol, with Broadcast as the SNTP mode and the factory-default polling interval. You would halt time synchronization with this command:
SMC6624M(config)# no timesync
If you then viewed the SNTP configuration, you would see the following:
Figure 5-9. Example of SNTP with Time Sychronization Disabled
SMC6624M(config)# no sntp server 10.28.227.141 SMC6624M(config)# sntp server 10.28.227.141 4 SMC6624M(config)# show sntp
SNTP Configuration
Time Sync Mode: Sntp SNTP Mode : Unicast Poll Interval (sec) [720] : 720
IP Address Protocol Version
-------------- ----------------
10.28.227.141 4
Deletes unicast SNTP server entry.
Re-enters the unicast server with a non­default protocol version.
show sntp displays the result.
SMC6624M(config)# show sntp
SNTP Configuration
Time Sync Mode: Disabled SNTP Mode : Broadcast Poll Interval (sec) [720] : 720
Page 92
5-24
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
Disabling the SNTP Mode. If you want to prevent SNTP from being used even if selected by timesync (or the Menu interface’s Time Sync Method param­eter), configure the SNTP mode as disabled.
Syntax: no sntp Disables SNTP by changing the SNTP mode
configuration to Disabled.
For example, if the switch is running SNTP in Unicast mode with an SNTP server at 10.28.227.141 and a server version of 3 (the default), no sntp changes the SNTP configuration as shown below, and disables time synchronization on the switch.
Figure 5-10. Example of Disabling Time Synchronization by Disabling the SNTP Mode
SMC6624M(config)# no sntp SMC6624M(config)# show sntp
SNTP Configuration
Time Sync Mode: Sntp SNTP Mode : disabled Poll Interval (sec) [720] : 720
IP Address Protocol Version
-------------- ----------------
10.28.227.141 3
Even though the Time Sync Mode is set to Sntp, time synchronization is disabled because no sntp has disabled the SNTP Mode parameter.
Page 93
5-25
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
TimeP: Viewing, Selecting, and Configuring
Timep Features
Table 5-4. Timep Parameters
Menu: Viewing and Configuring TimeP
To View, Enable, and Modify the TimeP Protocol:
1. From the Main Menu, select:
2. Switch Configuration...
1. System Information
Feature Default Menu CLI Web
view the Timep time synchronization configuration n/a page 5-25 page 5-27
select Timep as the time syncronization method TIMEP page 5-24 pages 5-28 ff. —
disable time synchronization timep page 5-26 page 5-30
enable the Timep mode Disabled
DHCP page 5-26 page 5-28
manual page 5-26 page 5-29
none/disabled page 5-26 page 5-31
change the TimeP poll interval 720 minutes page 5-27 page 5-30
SNTP Parameter Operation
Time Sync Method Used to select either TIMEP (the default), SNTP, or None as the time synchronization method.
Timep Mode
Disabled The Default. Timep does not operate, even if specified by the Menu interface Time Sync Method
parameter or the CLI timesync command.
DHCP When Timep is selected as the time synchronization method, the switch attempts to acquire a
Timep server IP address via DHCP. If the switch receives a server address, it polls the server for updates according to the Timep poll interval. If the switch does not receive a Timep server IP address, it cannot perform time synchronization updates.
Manual When Timep is selected as the time synchronization method, the switch attempts to poll the
specified server for updates according to the Timep poll interval. If the switch fails to receive updates from the server, time synchronization updates do not occur.
Server Address
Used only when the TimeP Mode is set to Manual. Specifies the IP address of the TimeP server that the switch accesses for time synchronization updates. You can configure one server.
Poll Interval (minutes)
Default: 720 minutes. Specifies the interval the switch waits between attempts to poll the TimeP server for updates.
Page 94
5-26
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
Figure 5-11. The System Information Screen (Default Values)
2. Press [E] (for
Edit). The cursor moves to the System Name field.
3. Use [v] to move the cursor to the Time Sync Method field.
4. If TIMEP is not already selected, use the Space bar to select TIMEP, then press [v] once to display and move to the TimeP Mode field.
5. Do one of the following:
Use the Space bar to select the DHCP mode, then press [v] to move the
cursor to the Poll Interval field, and go to step 6.
Use the Space bar to select the Manual mode.
i. Press [>] to move the cursor to the Server Address field.
ii. Enter the IP address of the TimeP server you want the switch to
use for time synchronization.
Note: This step replaces any previously configured TimeP server IP address.
Time Protocol Selection Parameter
– TIMEP (the default) –SNTP –None
Page 95
5-27
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
iii. Press [>] to move the cursor to the Poll Interval field, then go to
step 6.
6. In the Poll Interval field, enter the time in minutes that you want for a TimeP Poll Interval.
Press [Enter] to return to the Actions line, then [S] (for Save) to enter the new time protocol configuration in both the startup-config and running-config files.
CLI: Viewing and Configuring TimeP
CLI Commands Described in this Section
This section describes how to use the CLI to view, enable, and configure TimeP parameters.
Viewing the Current TimeP Configuration.
This command lists both the time synchronization method (TimeP, SNTP, or None) and the TimeP configuration, even if SNTP is not the selected time protocol.
Syntax: show timep
show timep page 5-27
[no] timesync page 5-28 ff., 5-30
ip timep
dhcp page 5-28
manual page 5-29
server <ip-addr> page 5-29
interval page 5-30
no ip timep page 5-31
Page 96
5-28
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
For example, if you configure the switch with TimeP as the time synchroniza­tion method, then enable TimeP in DHCP mode with the default poll interval,
show timep lists the following:
Figure 5-12. Example of TimeP Configuration When TimeP Is the Selected Time Synchronization Method
If SNTP is the selected time synchronization method ), show timep still lists the TimeP configuration even though it is not currently in use:
Figure 5-13. Example of SNTP Configuration When SNTP Is Not the Selected Time Synchronization Method
Configuring (Enabling or Disabling) the TimeP Mode.
Enabling the TimeP mode means to configure it for either broadcast or unicast mode. Remember that to run TimeP as the switch’s time synchronization protocol, you must also select TimeP as the time synchronization method by using the CLI timesync command (or the Menu interface Time Sync Method parameter).
Syntax: timesync timep Selects TimeP as the time protocol.
ip timep < dhcp | manual > Enables the selected TimeP mode. no ip timep Disables the TimeP mode. no timesync Disables the time protocol.
Enabling TimeP in DHCP Mode. Because the switch provides a TimeP polling interval (default: 720 minutes), you need only these two commands for a minimal TimeP DHCP configuration:
SMC6624M(config)# show timep
Timep Configuration
Time Sync Mode: Timep TimeP Mode : DHCP Server Address : Poll Interval (min) : 720
SMC6624M(config)# show timep
Timep Configuration
Time Sync Mode: Sntp TimeP Mode : DHCP Server Address : Poll Interval (min) : 720
Even though, in this example, SNTP is the current time synchronization method, the switch maintains the TimeP configuration.
Page 97
5-29
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
Syntax: timesync timep Selects TimeP as the time synchronization
method.
ip timep dhcp Configures DHCP as the TimeP mode.
For example, suppose:
Time synchronization is configured for SNTP.
You want to:
1.View the current time synchronization.
2.Select TimeP as the time synchronization mode.
3.Enable TimeP for DHCP mode.
4.View the TimeP configuration.
The commands and output would appear as follows:
Figure 5-14. Example of Enabling TimeP Operation in DHCP Mode
Enabling Timep in Manual Mode. Like DHCP mode, configuring TimeP for Manual mode enables TimeP. However, for manual operation, you must also specify the IP address of the TimeP server. (The switch allows only one TimeP server.) To enable the TimeP protocol:
Syntax: timesync timep Selects Timep.
ip timep manual <ip-addr> Activates TimeP in Manual mode
with a specified TimeP server.
no ip timep Disables TimeP.
SMC6624M(config)# show timep
Timep Configuration
Time Sync Mode: Sntp TimeP Mode : Disabled
SMC6624M(config)# timesync timep SMC6624M(config)# ip timep dhcp SMC6624M(config)# show timep
Timep Configuration
Time Sync Mode: Timep TimeP Mode : DHCP Server Address : Poll Interval (min) : 720
show timep displays the TimeP configuration and also shows that SNTP is the currently active time synchronization mode.
1
2
3
4
show timep again displays the TimeP configuration and shows that TimeP is
now the currently active time synchronization mode.
Page 98
5-30
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
Note To change from one TimeP server to another, you must (1) use the no ip timep
command to disable TimeP mode, and then reconfigure TimeP in Manual mode with the new server IP address.
For example, to select TimeP and configure it for manual operation using a TimeP server address of 10.28.227.141 and the default poll interval (720 minutes, assuming the TimeP poll interval is already set to the default):
SMC6624M(config)# timesync timep Selects TimeP. SMC6624M(config)# ip timep manual 10.28.227.141
Activates TimeP in Manual mode.
Figure 5-15. Example of Configuring Timep for Manual Operation
Changing the TimeP Poll Interval. This command lets you specify how long the switch waits between time polling intervals. The default is 720 minutes and the range is 1 to 9999 minutes. (This parameter is separate from the poll interval parameter used for SNTP operation.)
Syntax: ip timep dhcp interval <1 . . 9999>
ip timep manual interval <1 . . 9999>
For example, to change the poll interval to 60 minutes:
SMC6624M(config)# ip timep interval 60
Disabling Time Synchronization Without Changing the TimeP Configuration. The recommended method for disabling time synchroniza-
tion is to use the timesync command. This halts time synchronization without changing your TimeP configuration.
Syntax: no timesync
SMC6624M(config)# timesync timep SMC6624M(config)# ip timep manual 10.28.227.141 SMC6624M(config)# show timep
Timep Configuration
Time Sync Mode: Timep TimeP Mode : Manual Server Address : 10.28.227.141 Poll Interval (min) : 720
Page 99
5-31
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
For example, suppose TimeP is running as the switch’s time synchronization protocol, with DHCP as the TimeP mode, and the factory-default polling interval. You would halt time synchronization with this command:
SMC6624M(config)# no timesync
If you then viewed the TimeP configuration, you would see the following:
Figure 5-16. Example of TimeP with Time Sychronization Disabled
Disabling the TimeP Mode. Disabling the TimeP mode means to configure it as disabled. (Disabling TimeP prevents the switch from using it as the time synchronization protocol, even if it is the selected Time Sync Method
option.)
Syntax: no ip timep Disables TimeP by changing the TimeP mode
configuration to Disabled.
For example, if the switch is running TimeP in DHCP mode, no ip timep changes the TimeP configuration as shown below, and disables time synchronization on the switch.
Figure 5-17. Example of Disabling Time Synchronization by Disabling the TimeP Mode Parameter
SMC6624M(config)# show timep
Timep Configuration
Time Sync Mode: Disabled TimeP Mode : DHCP Server Address : Poll Interval (min) : 720
Even though the Time Sync Mode is set to Timep, time synchronization is disabled because no ip timep has disabled the TimeP Mode parameter.
SMC6624M(config)# no ip timep SMC6624M(config)# show timep
Timep Configuration
Time Sync Mode: Timep TimeP Mode : Disabled
Page 100
5-32
Configuring IP Addressing, Time Synchronization, Interface Access, and System Information
Time Synchronization Protocol Options
Configuring IP Addressing,
Time Synchronization,
SNTP Unicast Time Polling with Multiple SNTP Servers
When running SNTP unicast time polling as the time synchronization method, the switch requests a time update from the server you configured with either the Server Address parameter in the menu interface, or the primary server in a list of up to three SNTP servers configured using the CLI. If the switch does not receive a response from the primary server after three consecutive polling intervals, the switch tries the next server (if any) in the list. If the switch tries all servers in the list without success, it sends an error message to the Event Log and reschedules to try the address list again after the configured Poll Interval time has expired.
Address Prioritization
If you use the CLI to configure multiple SNTP servers, the switch prioritizes them according to the decimal values of their IP addresses. That is, the switch compares the decimal value of the octets in the addresses and orders them accordingly, with the lowest decimal value assigned as the primary address, the second-lowest decimal value assigned as the next address, and the third­lowest decimal value as the last address. If the first octet is the same between two of the addresses, the second octet is compared, and so on. For example:
SNTP Server IP Address
Server Ranking According to Decimal Value of IP Address
10.28.227.141 Primary
10.28.227.153 Secondary
10.29.227.100 Tertiary
Loading...
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use